Vulnerabilities > Taogogo > Taocms > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-05 | CVE-2023-34654 | Cross-site Scripting vulnerability in Taogogo Taocms 2.5/3.0.1/3.0.2 taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
| 2023-06-20 | CVE-2020-20725 | Cross-site Scripting vulnerability in Taogogo Taocms 2.5 Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php. | 6.1 |
| 2021-12-02 | CVE-2021-25783 | SQL Injection vulnerability in Taogogo Taocms 2.5 Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search. | 7.2 |
| 2021-12-02 | CVE-2021-25784 | SQL Injection vulnerability in Taogogo Taocms 2.5 Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article. | 7.2 |
| 2021-12-02 | CVE-2021-25785 | Cross-site Scripting vulnerability in Taogogo Taocms 2.5 Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column. | 4.8 |
| 2019-02-11 | CVE-2019-7720 | Code Injection vulnerability in Taogogo Taocms taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. | 9.8 |