2 matches found
EUVD-2010-5058
Malware in sbrugna...
Design/Logic Flaw
The deleteinstallfiles function in control/ContentController.php in SilverStripe 2.3.x before 2.3.7 does not require ADMIN permissions, which allows remote attackers to delete index.php and "disrupt modrewrite-less URL routing."...