CVE-2018-16320

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
01/09/2018
Last modified:
17/06/2026

Description

idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:idreamsoft:icms:7.0.11:*:*:*:*:*:*:*