| Titel | mrcms v3.1.2 vertical privilege escalation vulnerability |
|---|
| Beschreibung | There is a vertical privilege escalation vulnerability in MRCMS v3.1.2 at /admin/file/delete, which allows attackers to delete any website file without logging in by constructing a request. |
|---|
| Quelle | ⚠️ https://github.com/IceFoxH/VULN/issues/1 |
|---|
| Benutzer | icefoxh (UID 82165) |
|---|
| Einreichung | 28.02.2025 16:27 (vor 1 Jahr) |
|---|
| Moderieren | 11.03.2025 08:03 (11 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 299218 [MRCMS 3.1.2 org.marker.mushroom.controller.FileController /admin/file/delete.do delete path/name Directory Traversal] |
|---|
| Punkte | 16 |
|---|