Taocms@3.0.2 Security Vulnerabilities and Issues — Taocms@3.0.2 CVE List

Lucene search

TaogogoTaocms3.0.2

4 matches found

CVE•added 2023/01/30 10:15 p.m.•50 views

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php.

9.8CVSS9.5AI score0.00107EPSS

CVE•added 2023/02/24 9:15 p.m.•41 views

CVE-2021-34167

Cross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows remote attackers to gain escalated privileges via taocms/admin/admin.php.

8.8CVSS8.9AI score0.00231EPSS

CVE•added 2023/01/26 9:18 p.m.•34 views

CVE-2022-46998

An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF).

9.8CVSS9.4AI score0.00322EPSS

CVE•added 2023/04/07 11:15 p.m.•31 views

CVE-2023-1947

A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-2253...

9.8CVSS8.4AI score0.00117EPSS