CVE
2018-13024
Public CVE-2018-13024 disclosure
protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter.
Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.