CVE-2026-2551 | ZenTao up to 21.7.8 Backup editor/control.php delete fileName path traversal

A vulnerability identified as critical has been detected in ZenTao up to 21.7.8. Affected by this vulnerability is the function delete of the file editor/control.php of the component Backup Handler. This manipulation of the argument fileName causes path traversal.

The identification of this vulnerability is CVE-2026-2551. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More