Web Vulnerability Report
| ID | EDB-ID-48749 |
| CVSS 3.0 | N/A |
|
Cloudbric Score
?
|
High |
| Cloudbric Detection | Yes |
| Vulnerability Type | Unauthenticated Arbitrary File Deletion |
| Published Date | 2020-08-17 |
| Updated Date | 2020-09-17 |
| Vendor | 3.0.9 |
| Description | Input passed to the 'data' parameter in 'QH.aspx' for delete action is not properly sanitised before being used to delete files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using their absolute path or via directory traversal sequences passed within the affected POST parameter. |
| Reference | N/A |
| URL Link | https://www.exploit-db.com/exploits/48749/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
| ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
|---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now