Vulnerabilities > CVE-2021-44983 - Files or Directories Accessible to External Parties vulnerability in Taogogo Taocms 3.0.1

047910
CVSS 4.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
taogogo
CWE-552
NVD
Published: 2022-02-04
Updated: 2022-02-08

Summary

In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerability at the File Management column.

Vulnerable Configurations

Part Description Count
Application
Taogogo
1

Common Weakness Enumeration (CWE)

References