CVE-2022-25412
Maxsite CMS v180 is affected by CVE-2022-25412 due to multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php. The root cause is lack of validation for the dir and deletefile parameters, enabling an attacker to delete arbitrary files. Exploitation details or in-t...