An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring.
References
Link | Resource |
---|---|
http://www.iwantacve.cn/index.php/archives/296/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2019-09-08 20:15
Updated : 2019-09-10 07:01
NVD link : CVE-2019-16132
Mitre link : CVE-2019-16132
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
phpok
- oklite