Tadtools Project Tadtools — known CVE vulnerabilities
Every CVE whose affected-product data names Tadtools Project Tadtools, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-41566 — CVSS 9.8 (critical): The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute…
CVE-2021-41975 — CVSS 7.5 (high): TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files…
CVE-2021-41565 — CVSS 6.1 (medium): TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript…