First published: Fri Apr 07 2023(Updated: )
A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225330 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
taogogo taoCMS | =3.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-1947 is critical with a severity value of 9.8.
The taoCMS admin.php code injection vulnerability allows for remote code injection, making it possible for attackers to execute malicious code on the affected software.
To fix the taoCMS admin.php code injection vulnerability, it is recommended to update taoCMS to version 3.0.3 or later, which includes a patch for this vulnerability.
The Common Vulnerabilities and Exposures (CVE) ID for the taoCMS admin.php code injection vulnerability is CVE-2023-1947.
Yes, you can find additional information about the taoCMS admin.php code injection vulnerability in the references provided: [Link 1](https://gitee.com/misak7in/cve/blob/master/taocms.md), [Link 2](https://vuldb.com/?ctiid.225330), [Link 3](https://vuldb.com/?id.225330).