Описание
An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:taogogo:taocms:3.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00329
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-552
Связанные уязвимости
github
почти 4 года назад
An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.
EPSS
Процентиль: 55%
0.00329
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-552