Vulnerabilities > Taogogo > Taocms > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-07 CVE-2023-1947 Code Injection vulnerability in Taogogo Taocms 3.0.2
A vulnerability was found in taoCMS 3.0.2.
network
low complexity
taogogo CWE-94
critical
 9.8
9.8
2023-01-30 CVE-2022-48006 Unrestricted Upload of File with Dangerous Type vulnerability in Taogogo Taocms 3.0.2
An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.
network
low complexity
taogogo CWE-434
critical
 9.8
9.8
2023-01-26 CVE-2022-46998 Server-Side Request Forgery (SSRF) vulnerability in Taogogo Taocms 3.0.2
An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF).
network
low complexity
taogogo CWE-918
critical
 9.8
9.8
2022-08-23 CVE-2022-36261 Path Traversal vulnerability in Taogogo Taocms 3.0.2
An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt
network
low complexity
taogogo CWE-22
critical
 9.1
9.1
2022-08-15 CVE-2022-36262 Code Injection vulnerability in Taogogo Taocms 3.0.2
An issue was discovered in taocms 3.0.2.
network
low complexity
taogogo CWE-94
critical
 9.8
9.8
2022-03-18 CVE-2022-25578 Code Injection vulnerability in Taogogo Taocms 3.0.2
taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file.
network
low complexity
taogogo CWE-94
critical
 9.8
9.8