First published: Wed Jan 19 2022(Updated: )
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
taogogo taoCMS | =3.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-46204 is an arbitrary file read vulnerability in Taocms v3.0.2 via the path parameter.
CVE-2021-46204 has a severity rating of 9.8 (Critical).
Taocms version 3.0.2 is affected by CVE-2021-46204.
To fix CVE-2021-46204, update Taocms to a version that is not affected by the vulnerability.
You can find more information about CVE-2021-46204 at the following reference: https://github.com/taogogo/taocms/issues/14