Known Vulnerabilities for products from Taogogo
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Taogogo".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-34654 json | taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS). | 6.1 - MEDIUM | 2023-07-05 | 2023-07-10 |
| CVE-2023-1947 json | A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /a... | 9.8 - CRITICAL | 2023-04-07 | 2023-11-07 |
| CVE-2022-48006 json | An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. Th... | 9.8 - CRITICAL | 2023-01-30 | 2023-02-07 |
| CVE-2022-46998 json | An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). | 9.8 - CRITICAL | 2023-01-26 | 2023-02-01 |
| CVE-2022-36262 json | An issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying c... | 9.8 - CRITICAL | 2022-08-15 | 2023-11-07 |
| CVE-2022-36261 json | An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when r... | 9.1 - CRITICAL | 2022-08-23 | 2023-11-07 |
| CVE-2022-25578 json | taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. | 9.8 - CRITICAL | 2022-03-18 | 2022-03-28 |
| CVE-2022-25505 json | Taocms v3.0.2 was discovered to contain a SQL injection vulnerability via the id parameter in \include\Model\Category.php. | 9.8 - CRITICAL | 2022-03-21 | 2022-03-29 |
| CVE-2022-23880 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-03-23 | 2022-03-28 |
| CVE-2022-23380 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-03-01 | 2022-03-08 |
| CVE-2022-23316 json | An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php... | 4.9 - MEDIUM | 2022-02-04 | 2022-02-08 |
| CVE-2021-46204 json | Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerabil... | 9.8 - CRITICAL | 2022-01-19 | 2022-01-25 |
| CVE-2021-46203 json | Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | 6.5 - MEDIUM | 2022-01-19 | 2022-01-25 |
| CVE-2021-45015 json | taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72. | 9.1 - CRITICAL | 2021-12-14 | 2022-07-12 |
| CVE-2021-45014 json | There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26 | 9.8 - CRITICAL | 2021-12-14 | 2021-12-15 |
| CVE-2021-44983 json | In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerability at the File Management ... | 4.9 - MEDIUM | 2022-02-04 | 2022-02-08 |
| CVE-2021-44969 json | Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Management Column component. | 4.8 - MEDIUM | 2022-02-10 | 2022-02-16 |
| CVE-2021-44915 json | Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit category. | 7.2 - HIGH | 2022-07-05 | 2022-07-13 |
| CVE-2021-34167 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-02-24 | 2023-03-03 |
| CVE-2021-25785 json | Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column. | 4.8 - MEDIUM | 2021-12-02 | 2021-12-03 |
Known software with vulnerabilities from Taogogo
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Taogogo | Taocms | 2014-05-24 |