exploitDog

GHSA-9493-8hw4-j4xf

Опубликовано: 09 фев. 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.

Ссылки

EPSS

Процентиль: 55%

0.00329

Низкий

CVE ID

Дефекты

CWE-552

Связанные уязвимости

CVE-2022-23316

CVSS3: 4.9

nvd

около 4 лет назад

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.

EPSS

Процентиль: 55%

0.00329

Низкий

CVE ID

Дефекты

CWE-552