3 matches found
CVE-2019-8291
Online Store System v1.0 deletefile.php doesn't check to see if a user has administrative rights nor does it check for path traversal...
CVE-2019-8291
Online Store System v1.0 deletefile.php doesn't check to see if a user has administrative rights nor does it check for path traversal...
CVE-2019-8291
The CVE-2019-8291 entry concerns Online Store System v1.0, specifically delete_file.php, which does not verify administrative rights and lacks path traversal protection. Publicly available connected records describe a path traversal vulnerability enabling access to locations outside restricted di...