taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS).
CVSS Score
6.1
EPSS Score
0.001
Published
2023-07-05
Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-06-20
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-12-02
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-12-02
Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-12-02
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-02-11