mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
751 B
751 B
CVE-2020-19888
Description
DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table.
POC
Reference
- https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#13
- https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#13