Eval Injection Vulnerability in Taocms (through 2014-05-24) via install.php db_name Parameter

Eval Injection Vulnerability in Taocms (through 2014-05-24) via install.php db_name Parameter

CVE-2019-7720 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.

Learn more about our Cms Pen Testing.