Popojicms: >> Popojicms >> 2.0.1 Security Vulnerabilities
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-11-05
An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-11-05
Page 2