2 matches found
CVE-2026-2551
CVE-2026-2551 affects ZenTao up to version 21.7.8. The vulnerability resides in the Backup Handler component, specifically the delete function in editor/control.php, where manipulating the fileName argument enables path traversal. This can be triggered remotely; exploitation has been publicly dis...
CVE-2026-2551 ZenTao Backup control.php delete path traversal
A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal. It is possible to initiate the attack remotely. The exploi...