CVE-2018-18891

Summary: 
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
Published: 
Wednesday, October 31, 2018 - 21:29
cvss: