Arbitrary File Deletion Vulnerability in Monstra CMS 3.0.4

Arbitrary File Deletion Vulnerability in Monstra CMS 3.0.4

CVE-2018-16819 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/.......//./.......//./&delete_file= requests.

Learn more about our Cms Pen Testing.