2 matches found
CVE-2022-30804
elitecms v1.01 is vulnerable to Delete any file via /admin/deleteimage.php?file=...
CVE-2022-30804
The vulnerability CVE-2022-30804 affects elitecms v1.01, with a concrete flaw allowing arbitrary file deletion via the API endpoint /admin/delete_image.php?file= (and variant naming in sources as /admin/delete image.php?file=). This is supported by the PT-2022-20323 advisory, which specifies the ...