Primary

Context

webTareas File Deletion Vulnerability in print_layout.php Component

Vulnerability

A file deletion vulnerability has been identified in webTareas version 2.0.p8, specifically within the print_layout.php administration component. This vulnerability allows authenticated attackers to delete arbitrary files on the server. Exploitation involves manipulating the 'atttmp1' parameter to specify files for deletion, bypassing authentication requirements.

Impact

Exploitation of this vulnerability allows for arbitrary file deletion on the server.

Reproduction

To reproduce this vulnerability, send a POST request to the print_layout.php administration page. Include the 'atttmp1' parameter in the request, specifying the name of the file to be deleted. The vulnerability can be exploited without authentication.

Added: Feb 3, 2026, 10:45 PM

Updated: Feb 3, 2026, 10:45 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

webTareas File Deletion Vulnerability in print_layout.php Component

Vulnerability

Impact

Reproduction

Affected Products

webTareas

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating