CVE-2019-7720: Code Injection
First published: Mon Feb 11 2019(Updated: )
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| taogogo taoCMS | <=2014-05-24 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-7720?
CVE-2019-7720 is a vulnerability in taocms through 2014-05-24 that allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
How severe is CVE-2019-7720?
CVE-2019-7720 has a severity rating of critical with a score of 9.8.
Which software is affected by CVE-2019-7720?
taocms through 2014-05-24 is affected by CVE-2019-7720.
How can I fix CVE-2019-7720?
To fix CVE-2019-7720, update taocms to a version that is later than 2014-05-24 and apply any available patches.
Where can I find more information about CVE-2019-7720?
You can find more information about CVE-2019-7720 at https://github.com/taogogo/taocms/issues/1.
- collector/nvd-index
- agent/type
- vendor/taogogo
- canonical/taogogo taocms
- version/taogogo taocms/2014-05-24