CVE-2020-37080

High CVSS: 7.2

webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through an unauthenticated file deletion mechanism.

Vendor

Product

CWE

CWE-73

Yayın Tarihi

2026-02-03 22:16:23

Güncelleme

2026-02-04 16:33:44

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-73 HIGH 2026

Referanslar

https://sourceforge.net/projects/webtareas/ https://www.exploit-db.com/exploits/48430 https://www.vulncheck.com/advisories/webtareas-p-arbitrary-file-deletion