Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2022-23810
HistoryFeb 24, 2022 - 9:50 a.m.

CVE-2022-23810

2022-02-2409:50:28
jpcert
www.cve.org
4
template injection
a-blog cms
cve-2022-23810
file access

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

38.8%

JSON

Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows a remote authenticated attacker to obtain an arbitrary file on the server via unspecified vectors.

CNA Affected

[
  {
    "product": "a-blog cms",
    "vendor": "appleple inc.",
    "versions": [
      {
        "status": "affected",
        "version": "Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1"
      }
    ]
  }
]

Related

cve 1
prion 1
nvd 1
jvn 1
cve
cve
CVE-2022-23810
2022-02-24 15:15:28
prion
prion
Sql injection
2022-02-24 15:15:00
nvd
nvd
CVE-2022-23810
2022-02-24 15:15:28
jvn
jvn
JVN#14706307: Multiple vulnerabilities in a-blog cms
2022-02-18 00:00:00

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

38.8%

JSON
Related for CVELIST:CVE-2022-23810
cve1prion1nvd1jvn1