First published: Thu Dec 02 2021(Updated: )
Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \app_del.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zblogcn Z-blogphp | =1.6.1.2100 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-29177.
The severity of CVE-2020-29177 is critical with a CVSS score of 9.1.
The affected software is Z-BlogPHP version 1.6.1.2100.
The vulnerability allows an attacker to delete arbitrary files through the \app_del.php file.
Yes, users should update to a patched version of Z-BlogPHP to fix this vulnerability.