An issue exists in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
laobancms laobancms 2.0 |