Arbitrary file deletion

2022-08-2313:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.1%

JSON

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/…/…/…/test.txt

CPENameOperatorVersion
taocmseq3.0.2

CPE	Name	Operator	Version
	taocms	eq	3.0.2

References

github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md

github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md?by=xboy(topsec)