Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Tadtools ProjectTadtools*

3 matches found

CVE
CVEadded 2021/10/08 4:15 p.m.29 views

CVE-2021-41566

The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.

9.8CVSS9.9AI score0.02197EPSS
CVE
CVEadded 2021/10/08 4:15 p.m.28 views

CVE-2021-41975

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in.

9.1CVSS8.5AI score0.0044EPSS
CVE
CVEadded 2021/10/08 4:15 p.m.27 views

CVE-2021-41565

TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.

6.1CVSS6.1AI score0.00311EPSS