Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CMS Made Simple 目录遍历漏洞
Vulnerability Description
CMS Made Simple(CMSMS)是CMSMS团队开发的一套开源的内容管理系统(CMS)。该系统支持基于角色的权限管理系统、基于向导的安装与更新机制、智能缓存机制等。 CMS Made Simple (CMSMS)1.11.2.1之前版本中的lib/filemanager/imagemanager/images.php脚本中存在目录遍历漏洞。远程认证攻击者利用该漏洞通过deld参数中的(..),删除任意文件。
CVSS Information
N/A
Vulnerability Type
N/A