An issue exists in SeaCMS up to and including 6.61. adm1n/admin_database.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
seamcms seacms |