2017-07-28 05:00:00
mitre
PUBLISHED
front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.