CVE-2018-20128

Publication date

2018-12-13 08:00:00

Family

mitre

State

PUBLISHED

Description

An issue was discovered in UsualToolCMS v8.0. cmsadmina_sqlback.php allows remote attackers to delete arbitrary files via a backname[] directory-traversal pathname followed by a crafted substring.