CVE-2018-6880

CVE: CVE-2018-6880
Published: 2018-02-12T03:29Z
Vendor: phome
Products: empirecms
Versions: 6.6, 7.0, 7.2,
Description Language: en
Description: EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php.
References:
https://github.com/kongxin520/EmpireCMS/blob/master/EmpireCMS.md