Flatcore: >> Flatcore-Cms >> 1.4.7 Security Vulnerabilities
flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
CVSS Score
8.0
EPSS Score
0.004
Published
2021-10-28
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-05-10