Concrete CMS is an open source content management system for teams.Concrete CMS 8.5.5 and earlier versions are vulnerable to arbitrary file deletion. An attacker could exploit the vulnerability to delete arbitrary files via PHAR deserialization in is_dir.
CPE | Name | Operator | Version |
---|---|---|---|
portland labs concrete cms | le | 8.5.5 |