Search Results | AttackerKB

Show filters

Topics 95 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

95 Total Results

Displaying 41-50 of 95

Attacker Value

Unknown

CVE-2022-0871

Disclosure Date: March 11, 2022 (last updated February 23, 2025)

Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-0870

Disclosure Date: March 11, 2022 (last updated February 23, 2025)

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-23380

Disclosure Date: March 01, 2022 (last updated February 23, 2025)

There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2021-44969

Disclosure Date: February 10, 2022 (last updated February 23, 2025)

Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Management Column component.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2021-44983

Disclosure Date: February 04, 2022 (last updated February 23, 2025)

In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerability at the File Management column.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2022-23316

Disclosure Date: February 04, 2022 (last updated February 23, 2025)

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file&ctrl=download&path=../../1.txt.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2021-46204

Disclosure Date: January 19, 2022 (last updated February 23, 2025)

Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-46203

Disclosure Date: January 19, 2022 (last updated February 23, 2025)

Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2021-45015

Disclosure Date: December 14, 2021 (last updated February 23, 2025)

taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-45014

Disclosure Date: December 14, 2021 (last updated February 23, 2025)

There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26

Attack Vector: Network Privileges: None User Interaction: None

0