Jtbc: >> Jtbc Php >> 3.0.1.6 Security Vulnerabilities
An issue was discovered in JTBC(PHP) 3.0.1.6. It allows remote attackers to execute arbitrary PHP code by using a /console/file/manage.php?type=action&action=addfile&path=..%2F substring to upload, in conjunction with a multipart/form-data PHP payload.
CVSS Score
8.8
EPSS Score
0.012
Published
2018-10-01
An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion is possible via a /console/file/manage.php?type=action&action=delete&path=c%3A%2F substring.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-10-01
An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file read operations are possible via a /console/#/console/file/manage.php?type=list&path=c:/ substring.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-10-01