Arbitrary File Read Vulnerability in DamiCMS v6.0.0

Arbitrary File Read Vulnerability in DamiCMS v6.0.0

CVE-2018-14831 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote authenticated administrators to read any files in the server via a crafted /admin.php?s=Tpl/Add/id/ URI.

Learn more about our Cis Benchmark Audit For Server Software.