Vulnerabilities > Taogogo > Taocms > 3.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-18 | CVE-2022-25578 | Code Injection vulnerability in Taogogo Taocms 3.0.2 taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. | 9.8 |
2022-03-01 | CVE-2022-23380 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit. | 6.5 |
2022-02-10 | CVE-2021-44969 | Cross-site Scripting vulnerability in Taogogo Taocms 3.0.2 Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Management Column component. | 3.5 |
2022-02-04 | CVE-2022-23316 | Files or Directories Accessible to External Parties vulnerability in Taogogo Taocms 3.0.2 An issue was discovered in taoCMS v3.0.2. | 4.0 |
2022-01-19 | CVE-2021-46203 | Path Traversal vulnerability in Taogogo Taocms 3.0.2 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | 4.0 |
2022-01-19 | CVE-2021-46204 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | 7.5 |
2021-12-14 | CVE-2021-45014 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26 | 7.5 |
2021-12-14 | CVE-2021-45015 | Path Traversal vulnerability in Taogogo Taocms 3.0.2 taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72. | 6.4 |