Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
taogogo taocms 3.0.2 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-44915
Taocms 3.0.2 exists to contain a blind SQL injection vulnerability via the function Edit category.
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-25505
Taocms v3.0.2 exists to contain a SQL injection vulnerability via the id parameter in \include\Model\Category.php.
Taogogo Taocms 3.0.2
8.8
CVSSv3
CVE-2022-23380
There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit.
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-48006
An arbitrary file upload vulnerability in taocms v3.0.2 allows malicious users to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php.
Taogogo Taocms 3.0.2
9.1
CVSSv3
CVE-2022-36261
An arbitrary file deletion vulnerability exists in taocms 3.0.2, that allows malicious user to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-36262
An issue exists in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php.
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-46998
An issue in the website background of taocms v3.0.2 allows malicious users to execute a Server-Side Request Forgery (SSRF).
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2023-1947
A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-25578
taocms v3.0.2 allows malicious users to execute code injection via arbitrarily editing the .htaccess file.
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-23880
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows malicious users to execute arbitrary code via a crafted PHP file.
Taogogo Taocms 3.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »