An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field.
References
Link | Resource |
---|---|
https://github.com/taogogo/taocms/issues | Issue Tracking Third Party Advisory |
https://github.com/taogogo/taocms/issues/23 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-01T16:42:36
Updated: 2022-03-01T16:42:36
Reserved: 2022-01-18T00:00:00
Link: CVE-2022-23387
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-01T17:15:08.120
Modified: 2022-03-09T13:51:37.837
Link: CVE-2022-23387
JSON object: View
Redhat Information
No data.
CWE