CVE-2018-18936

An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt