Security Advisory
CVE-2020-37080
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the atttmp1 parameter to specify and delete files on the server through an unauthenticated file deletion mechanism.