Vulnerabilities > Taogogo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-05 | CVE-2023-34654 | Cross-site Scripting vulnerability in Taogogo Taocms 2.5/3.0.1/3.0.2 taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
| 2023-06-20 | CVE-2020-20725 | Cross-site Scripting vulnerability in Taogogo Taocms 2.5 Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php. | 6.1 |
| 2023-04-07 | CVE-2023-1947 | Code Injection vulnerability in Taogogo Taocms 3.0.2 A vulnerability was found in taoCMS 3.0.2. | 9.8 |
| 2023-02-24 | CVE-2021-34167 | Cross-Site Request Forgery (CSRF) vulnerability in Taogogo Taocms 3.0.2 Cross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows remote attackers to gain escalated privileges via taocms/admin/admin.php. | 8.8 |
| 2023-01-30 | CVE-2022-48006 | Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2 An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2023-01-26 | CVE-2022-46998 | Server-Side Request Forgery (SSRF) vulnerability in Taogogo Taocms 3.0.2 An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). | 9.8 |
| 2022-08-23 | CVE-2022-36261 | Path Traversal vulnerability in Taogogo Taocms 3.0.2 An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt | 9.1 |
| 2022-08-15 | CVE-2022-36262 | Code Injection vulnerability in Taogogo Taocms 3.0.2 An issue was discovered in taocms 3.0.2. | 9.8 |
| 2022-07-05 | CVE-2021-44915 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit category. | 7.2 |
| 2022-03-23 | CVE-2022-23880 | Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2 An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |