Vulnerability Details CVE-2019-8291
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 6.4
References
Products affected by CVE-2019-8291
-
cpe:2.3:a:online_store_system_project:online_store_system:1.0