CVE-2020-36005

Name of the Vulnerable Software and Affected Versions: AppCMS version 2.0.101

Description: The issue allows attackers to delete arbitrary files on the site due to an arbitrary file deletion vulnerability in /admin/app.php.

Recommendations: For AppCMS version 2.0.101, as a temporary workaround, consider restricting access to the /admin/app.php endpoint until a patch is available. Avoid using the vulnerable functionality in /admin/app.php to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.