CVE-2018-18890
MiniCMS 1.10 contains an information-disclosure vulnerability. Due to handling of the delete parameter in /mc-admin/post.php, an invalid filename can cause full path disclosure. This is documented across CVE-2018-18890 entries (NVD, Red Hat, OSV, CVE lists). Exploitation details are not provided ...