Security Advisory

CVE-2014-1836

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-07-01 14:00:00

Last updated 2024-08-06 09:50:11

Assigner mitre

State PUBLISHED

Description

Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.

← Browse all CVEs View on cve.org ↗