2 matches found
CVE-2019-17073
emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del=../ directory traversal...
CVE-2019-17073
CVE-2019-17073 affects emlog up to version 6.0.0beta. The vulnerability arises from a directory traversal in admin/template.php, where an authenticated remote user can abuse the tpl parameter (tpl=../) to delete arbitrary files. Impact is partial confidentiality? Actually deletion of arbitrary fi...