taogogo CVE 脆弱性と CVE 一覧(25)

製品(CPE): — CVE 件数: 25

taogogo 脆弱性概要

taogogo 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主に パス処理の欠陥 and vendor risk cross-site scripting などに関し、一部は vendor impact data exposure を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 120 / 25 CVE 件数
«« 先頭 « 前へ 1 / 2 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2024-33350 Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary code and obtain sensitive information via the include/model/file.php component. [email protected] 9.8 1.82% 2024-04-29 2026-06-17
CVE-2023-34654 taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS). [email protected] 6.1 0.44% 2023-07-05 2026-06-17
CVE-2020-20725 Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php. [email protected] 6.1 0.46% 2023-06-20 2026-06-16
CVE-2023-1947 A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225330 is the identifier assigned to this vulnerability. [email protected] 6.3 1.06% 2023-04-07 2026-06-17
CVE-2021-34167 Cross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows remote attackers to gain escalated privileges via taocms/admin/admin.php. [email protected] 8.8 0.36% 2023-02-24 2026-06-16
CVE-2022-48006 An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php. [email protected] 9.8 0.94% 2023-01-30 2026-06-17
CVE-2022-46998 An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). [email protected] 9.8 1.14% 2023-01-26 2026-06-17
CVE-2022-36261 An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt [email protected] 9.1 0.98% 2022-08-23 2026-06-17
CVE-2022-36262 An issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php. [email protected] 9.8 1.48% 2022-08-15 2026-06-17
CVE-2021-44915 Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit category. [email protected] 7.2 0.88% 2022-07-05 2026-06-17
CVE-2022-23880 An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. [email protected] 9.8 1.62% 2022-03-23 2026-06-17
CVE-2022-25505 Taocms v3.0.2 was discovered to contain a SQL injection vulnerability via the id parameter in \include\Model\Category.php. [email protected] 9.8 1.06% 2022-03-20 2026-06-17
CVE-2022-25578 taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. [email protected] 9.8 1.75% 2022-03-18 2026-06-17
CVE-2022-23380 There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit. [email protected] 8.8 0.95% 2022-03-01 2026-06-17
CVE-2021-44969 Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Management Column component. [email protected] 4.8 0.49% 2022-02-10 2026-06-17
CVE-2021-44983 In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerability at the File Management column. [email protected] 4.9 1.11% 2022-02-04 2026-06-17
CVE-2022-23316 An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt. [email protected] 4.9 1.00% 2022-02-04 2026-06-17
CVE-2021-46204 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php. [email protected] 9.8 1.09% 2022-01-19 2026-06-17
CVE-2021-46203 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. [email protected] 6.5 1.06% 2022-01-19 2026-06-17
CVE-2021-45015 taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72. [email protected] 9.1 1.19% 2021-12-14 2026-06-17
«« 先頭 « 前へ 1 / 2 次へ »
cvelogic Threat Intelligence