Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/25xxx/CVE-2022-25412.json",
"cna_assigner": "mitre"
}