Taocms SQL Injection Vulnerability

2022-01-2300:00:00

China National Vulnerability Database

www.cnvd.org.cn

taocms

sql injection

vulnerability

china

content management system

filtering

escaping

taocmsincludemodelarticle.php

illegal commands

sensitive data

cnvd

EPSS

0.002

Percentile

59.3%

JSON

Taocms is a micro Cms (content management system) in China. taocms has a SQL injection vulnerability in v3.0.2, which stems from the lack of effective filtering and escaping of SQL statements in taocmsincludeModelArticle.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.

EPSS

0.002

Percentile

59.3%

JSON

Related for CNVD-2022-08025