A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to delete any .zip file via the filenames parameter to /admin/system/database/filedown.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
metinfo metinfo 5.3.17 |