3 matches found
CVE-2021-41975
TadTools TadTools Special Page vulnerability is an authorization bypass that allows remote attackers to delete arbitrary files without logging in by using a specific parameter. The CVE entry describes this without requiring login, enabling potential remote impact (CVE-2021-41975). Connected sourc...
CVE-2021-41565
CVE-2021-41565 affects Tad Tools TadTools. The issue is a cross-site scripting vulnerability caused by insufficient validation of input on a special page parameter, enabling remote attackers to inject JavaScript without logging in and potentially perform reflective XSS. Primary impact is client-s...
CVE-2021-41566
CVE-2021-41566 affects Tad TadTools and is caused by the file upload function not filtering file extensions. This allows remote attackers to upload arbitrary file types and execute arbitrary code without authentication. NVD lists a CVSS v2 base score of 7.5 (HIGH) and CVSS v3.1 base score of 9.8 ...