Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
taogogo taocms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34654
taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS).
Taogogo Taocms
668
VMScore
CVE-2019-7720
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
Taogogo Taocms
580
VMScore
CVE-2022-23380
There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit.
Taogogo Taocms 3.0.2
NA
CVE-2022-36261
An arbitrary file deletion vulnerability exists in taocms 3.0.2, that allows malicious user to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
Taogogo Taocms 3.0.2
668
VMScore
CVE-2022-23880
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows malicious users to execute arbitrary code via a crafted PHP file.
Taogogo Taocms 3.0.2
357
VMScore
CVE-2022-23316
An issue exists in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.
Taogogo Taocms 3.0.2
NA
CVE-2020-20725
Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote malicious user to execute arbitrary code via the name field in admin.php.
Taogogo Taocms 2.5
578
VMScore
CVE-2021-44915
Taocms 3.0.2 exists to contain a blind SQL injection vulnerability via the function Edit category.
Taogogo Taocms 3.0.2
578
VMScore
CVE-2021-25783
Taocms v2.5Beta5 exists to contain a blind SQL injection vulnerability via the function Article Search.
Taogogo Taocms 2.5
578
VMScore
CVE-2021-25784
Taocms v2.5Beta5 exists to contain a blind SQL injection vulnerability via the function Edit Article.
Taogogo Taocms 2.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »