Directory Traversal Vulnerability in flatCore 1.4.7 Allows File Deletion via acp/core/files.browser.php
CVE-2017-8868 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
Learn more about our Web Application Penetration Testing UK.