CVE-2022-28059

Name of the Vulnerable Software and Affected Versions Verydows version 2.0

Description The issue allows for arbitrary file deletion via the backend/database controller.php endpoint. This could potentially lead to significant disruptions or data loss.

Recommendations For Verydows version 2.0, consider restricting access to the backend/database controller.php endpoint until a fix is available. As a temporary workaround, review and limit file deletion permissions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.