← back
CVE-2022-36261

CVE-2022-36261

EPSS 1.0%
An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.mdhttps://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md?by=xboy%28topsec%29