Vulnerabilities > Taogogo > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-07 | CVE-2023-1947 | Code Injection vulnerability in Taogogo Taocms 3.0.2 A vulnerability was found in taoCMS 3.0.2. | 9.8 |
| 2023-01-30 | CVE-2022-48006 | Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2 An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2023-01-26 | CVE-2022-46998 | Server-Side Request Forgery (SSRF) vulnerability in Taogogo Taocms 3.0.2 An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). | 9.8 |
| 2022-08-23 | CVE-2022-36261 | Path Traversal vulnerability in Taogogo Taocms 3.0.2 An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt | 9.1 |
| 2022-08-15 | CVE-2022-36262 | Code Injection vulnerability in Taogogo Taocms 3.0.2 An issue was discovered in taocms 3.0.2. | 9.8 |
| 2022-03-23 | CVE-2022-23880 | Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2 An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2022-03-21 | CVE-2022-25505 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 Taocms v3.0.2 was discovered to contain a SQL injection vulnerability via the id parameter in \include\Model\Category.php. | 9.8 |
| 2022-03-18 | CVE-2022-25578 | Code Injection vulnerability in Taogogo Taocms 3.0.2 taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. | 9.8 |
| 2022-01-19 | CVE-2021-46204 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | 9.8 |
| 2021-12-14 | CVE-2021-45014 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26 | 9.8 |