Jtbc: >> Jtbc Php >> 3.0.1.8 Security Vulnerabilities
An issue was discovered in JTBC(PHP) 3.0.1.8. Its cache management module is flawed. An arbitrary file ending in "inc.php" can be deleted via a console/cache/manage.php?type=action&action=batch&batch=delete&ids=../ substring.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-03-11
JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-02-18