CVE-2022-23880

An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-23316

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file=download=../../1.txt...

CVE-2019-7720

taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...

EUVD-2021-12666

Malware in sbrugna...

EUVD-2021-12668

Malware in sbrugna...

EUVD-2021-31767

Malicious code in bioql PyPI...

EUVD-2022-50720

Malicious code in bioql PyPI...

EUVD-2022-49776

Malicious code in bioql PyPI...

EUVD-2021-31813

Malicious code in bioql PyPI...

EUVD-2022-28398

Malicious code in bioql PyPI...

EUVD-2023-24133

Malicious code in bioql PyPI...

CVE-2023-34654

taocms =3.0.2 is vulnerable to Cross Site Scripting XSS...

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

CVE-2022-46998

An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery SSRF...

CVE-2022-25578

taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file...

CVE-2022-36261

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file=del=/../../../test.txt...

CVE-2021-45015

taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72...

CVE-2021-25785

Taocms v2.5Beta5 was discovered to contain a cross-site scripting XSS vulnerability via the component Management column...

CVE-2021-45014

There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms=update=26...

CVE-2024-33350

Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary code and obtain sensitive information via the include/model/file.php component...