{"id":"CVE-2020-25873","details":"A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the \"id\" parameter.","modified":"2026-03-14T10:07:08.782880Z","published":"2021-10-29T20:15:07.983Z","references":[{"type":"EVIDENCE","url":"https://github.com/baijiacms/baijiacmsV4/issues/6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/baijiacms/baijiacmsv4","events":[{"introduced":"0"},{"last_affected":"121349f7f4ead2358ea593d738b192525f7478e2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4"}]}}],"versions":["V4.1.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25873.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}