CVE-2022-36261 Information

Aug 24, 2022 cve

Description

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2 that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt

Reference

https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md?by=xboy(topsec) https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md An arbitrary file deletion vulnerability was discovered in taocms 3.0.2 that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt

Share on: