Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
taocms vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-44969
Taocms v3.0.2 exists to contain a cross-site scripting (XSS) vulnerability via the Management Column component.
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2021-46204
Taocms v3.0.2 exists to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php.
Taogogo Taocms 3.0.2
4.9
CVSSv3
CVE-2022-23316
An issue exists in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.
Taogogo Taocms 3.0.2
8.8
CVSSv3
CVE-2022-23380
There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit.
Taogogo Taocms 3.0.2
7.2
CVSSv3
CVE-2021-25783
Taocms v2.5Beta5 exists to contain a blind SQL injection vulnerability via the function Article Search.
Taogogo Taocms 2.5
7.2
CVSSv3
CVE-2021-25784
Taocms v2.5Beta5 exists to contain a blind SQL injection vulnerability via the function Edit Article.
Taogogo Taocms 2.5
4.8
CVSSv3
CVE-2021-25785
Taocms v2.5Beta5 exists to contain a cross-site scripting (XSS) vulnerability via the component Management column.
Taogogo Taocms 2.5
9.1
CVSSv3
CVE-2022-36261
An arbitrary file deletion vulnerability exists in taocms 3.0.2, that allows malicious user to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2022-36262
An issue exists in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php.
Taogogo Taocms 3.0.2
9.8
CVSSv3
CVE-2023-1947
A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...
Taogogo Taocms 3.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »