exploitDog

GHSA-88fv-rgr4-4rv7

Опубликовано: 24 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt

Ссылки

EPSS

Процентиль: 74%

0.00844

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2022-36261

CVSS3: 9.1

nvd

больше 3 лет назад

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt

EPSS

Процентиль: 74%

0.00844

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22