Arbitrary File Read and Delete Vulnerability in FeiFeiCms 4.0.181010

Arbitrary File Read and Delete Vulnerability in FeiFeiCms 4.0.181010

CVE-2019-8412 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal.

Learn more about our Cms Pen Testing.