4 matches found
CVE-2019-17175
joyplus-cms 1.6.0 allows manager/adminpic.php?rootpath= absolute path traversal...
CVE-2019-17175
joyplus-cms 1.6.0 allows manager/adminpic.php?rootpath= absolute path traversal...
CVE-2019-17175
joyplus-cms 1.6.0 allows manager/adminpic.php?rootpath= absolute path traversal...
CVE-2019-17175
The CVE-2019-17175 vulnerability affects joyplus-cms version 1.6.0 and is caused by an absolute path traversal flaw in manager/admin_pic.php?rootpath=. This allows an attacker to access locations outside of a restricted directory. Metrics indicate a CVSS v2 base score of 5.0 (MEDIUM) with network...