Unauthorized Operation Vulnerability in DBHcms v1.2.0: Empty Cache Operation Allows Table Emptying

Unauthorized Operation Vulnerability in DBHcms v1.2.0: Empty Cache Operation Allows Table Emptying

CVE-2020-19888 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table.

Learn more about our Cms Pen Testing.