Arbitrary PHP Code Execution Vulnerability in iCMS 7.0.11

Arbitrary PHP Code Execution Vulnerability in iCMS 7.0.11

CVE-2018-16320 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.

Learn more about our Cms Pen Testing.