CVE-2018-6881

CVE-2018-6881

EPSS 2.2%

EmpireCMS 6.6 allows remote attackers to discover the full path via an array value for a parameter to admin/tool/ShowPic.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/kongxin520/EmpireCMS/blob/master/EmpireCMS.md https://kongxin.gitbook.io/dedecms-5-7-bug/https://kongxin.gitbook.io/empirecms/