CVE-2019-11624

Name of the Vulnerable Software and Affected Versions doorGets version 7.0

Description The issue allows a remote background administrator privilege user to exploit an arbitrary file deletion vulnerability. This vulnerability is located in the /doorgets/app/requests/user/configurationRequest.php file.

Recommendations For doorGets version 7.0, consider restricting access to the configurationRequest.php file until a patch is available. As a temporary workaround, limit the privileges of background administrator users to minimize the risk of exploitation.