Vulnerability Details CVE-2022-36261
An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.6%
CVSS Severity
CVSS v3 Score 9.1
References
- https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md
- https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md?by=xboy%28topsec%29
- https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md
- https://github.com/chasingboy/cms-pentest/blob/main/taocms-arbitrary-file-deletion-vulnerability.md?by=xboy%28topsec%29