Home
Description
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload
References
github.com/sorzs/test/blob/main/read_and_delete
gist.github.com/sorzs/c67a3dcaa9adb49266d5ff52a04d904b