| Titolo | mrcms v3.1.2 vertical privilege escalation vulnerability |
|---|
| Descrizione | There is a vertical privilege escalation vulnerability in MRCMS v3.1.2 at /admin/file/delete, which allows attackers to delete any website file without logging in by constructing a request. |
|---|
| Fonte | ⚠️ https://github.com/IceFoxH/VULN/issues/1 |
|---|
| Utente | icefoxh (UID 82165) |
|---|
| Sottomissione | 28/02/2025 16:27 (1 Anno fa) |
|---|
| Moderazione | 11/03/2025 08:03 (11 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 299218 [MRCMS 3.1.2 org.marker.mushroom.controller.FileController /admin/file/delete.do delete path/name directory traversal] |
|---|
| Punti | 16 |
|---|