2 matches found
CVE-2019-16868
emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dellallbak request with directory traversal sequences in the bak parameter...
CVE-2019-16868
Emlog (up to 6.0.0beta) is vulnerable to arbitrary file deletion via admin/data.php?action=dell_all_bak with directory traversal in bak[]. This can delete arbitrary files. Confirmed by CVE-2019-16868 entries (NVD, Red Hat). CVSSv3.1 base score 9.8 (CRITICAL): Network-based, no auth, no user inter...