Vulnerability Details CVE-2018-19228
An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 6.4
References