Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS prior to 1.3.6 allows remote malicious users to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
impresscms impresscms |