2 matches found
CVE-2020-18070
Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "dodel" method of the component "database.admincp.php"...
idreamsoft iCMS Directory Traversal Vulnerability (CNVD-2019-12123)
iCMS is an efficient and simple content management system built with PHP and MySQL. A directory traversal vulnerability exists in admincp.php?app=apps&do=save in idreamsoft iCMS 7.0.13, which can be exploited by an attacker to create a ZIP file with the contents of an arbitrary directory and...