Ddddbhmo

#7886of 53,624
34.8Total CVSS
Vulnerabilities · 5
Medium
1
High
4
PT-2021-16793
7.2
2021-12-02
Taocms · Taocms · CVE-2021-25783
**Name of the Vulnerable Software and Affected Versions** Taocms version 2.5Beta5 **Description** The issue is related to a blind SQL injection vulnerability. It occurs via the `Article Search` function. **Recommendations** For Taocms version 2.5Beta5, consider restricting access to the `Article Search` function until a patch is available. As a temporary workaround, avoid using the `Article Search` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2021-16794
7.2
2021-12-02
Taocms · Taocms · CVE-2021-25784
**Name of the Vulnerable Software and Affected Versions** Taocms version 2.5Beta5 **Description** The issue is related to a blind SQL injection vulnerability. This vulnerability can be exploited via the `Edit Article` function. **Recommendations** For Taocms version 2.5Beta5, consider restricting access to the `Edit Article` function until a patch is available. As a temporary workaround, avoid using the `Edit Article` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2021-16795
4.8
2021-12-02
Taocms · Taocms · CVE-2021-25785
**Name of the Vulnerable Software and Affected Versions** Taocms version 2.5Beta5 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. It affects the Management column component, allowing potential exploitation. **Recommendations** For Taocms version 2.5Beta5, consider restricting access to the Management column component until a fix is available. As a temporary workaround, avoid using the Management column to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2021-11904
8.1
2021-06-03
Bottle · Bottle · CVE-2020-36008
Name of the Vulnerable Software and Affected Versions: OBottle version 2.0 Description: The issue is related to an arbitrary file write vulnerability in the `ct.php` file of OBottle. Recommendations: For OBottle version 2.0, consider restricting access to the `ct.php` file until a patch is available.
PT-2021-11905
7.5
2021-06-03
Bottle · Bottle · CVE-2020-36009
Name of the Vulnerable Software and Affected Versions: OBottle version 2.0 Description: The issue is related to an arbitrary file download vulnerability in the `c/g.php` file of OBottle. This vulnerability allows for the download of arbitrary files. Recommendations: For OBottle version 2.0, consider restricting access to the `c/g.php` file until a patch is available. As a temporary workaround, avoid using the vulnerable file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.