Vulnerabilities > Taogogo

DATE CVE VULNERABILITY TITLE RISK
2021-12-02 CVE-2021-25783 SQL Injection vulnerability in Taogogo Taocms 2.5
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search.
network
low complexity
taogogo CWE-89
7.2
2021-12-02 CVE-2021-25784 SQL Injection vulnerability in Taogogo Taocms 2.5
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article.
network
low complexity
taogogo CWE-89
7.2
2021-12-02 CVE-2021-25785 Cross-site Scripting vulnerability in Taogogo Taocms 2.5
Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column.
network
low complexity
taogogo CWE-79
4.8
2019-02-11 CVE-2019-7720 Code Injection vulnerability in Taogogo Taocms
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
network
low complexity
taogogo CWE-94
critical
9.8