Vulnerability Details CVE-2018-19329
GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.6%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 5.5
Products affected by CVE-2018-19329
-
cpe:2.3:a:greencms:greencms:2.3.0603