Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote malicious user to execute arbitrary code and obtain sensitive information via the include/model/file.php component.