First published: Tue Aug 23 2022(Updated: )
An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
taogogo taoCMS | =3.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-36261 is an arbitrary file deletion vulnerability in taocms 3.0.2.
CVE-2022-36261 has a severity rating of 9.1, which is considered critical.
CVE-2022-36261 allows an attacker to delete files by exploiting a vulnerability in the 'admin.php' file.
CVE-2022-36261 affects taocms 3.0.2.
There is currently no known fix for CVE-2022-36261. It is recommended to update to a patched version when available.