3669 matches found
CVE-2026-21632 Joomla! Core - [20260304] - XSS vectors in various article title outputs
Lack of output escaping for article titles leads to XSS vectors in various locations...
CVE-2026-21632
Lack of output escaping for article titles leads to XSS vectors in various locations...
CI4MS 跨站脚本漏洞
CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability occurred due to improper handling of user input when creating or editing blog articles, which could lead to storage-based...
Joomla! CMS 跨站脚本漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping in article titles, potentially leading to cross-site scripting attacks...
PT-2026-29504
Name of the Vulnerable Software and Affected Versions versions affected versions not specified Description A lack of output escaping for article titles creates cross-site scripting XSS vectors in multiple areas. Recommendations At the moment, there is no information about a newer version that...
CI4MS 跨站脚本漏洞
CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of user input when creating or editing blog articles in the category section, which could lea...
baserCMS 跨站脚本漏洞
BaserCMS is a corporate-level content management system CMS developed by the baserCMS team. Versions of baserCMS prior to 5.2.3 had a cross-site scripting vulnerability; this vulnerability originated from a blog article-related feature module and made it susceptible to cross-site scripting attack...
CVE-2026-4616
A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...
CVE-2019-25640
Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...
CVE-2019-25640 Inout Article Base CMS Lastest SQL Injection via portalLogin.php
Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...
CVE-2026-4616
A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...
CVE-2026-4616 bolo-blog Article Title article cross site scripting
A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...
CVE-2026-4616 bolo-blog Article Title article cross site scripting
A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...
CVE-2026-4616
A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...
CVE-2026-4616
CVE-2026-4616 affects bolo-blog 2.6.4, specifically the Article Title Handler component in /console/article/. The vulnerability arises from manipulating the articleTitle argument, enabling cross-site scripting. Exploitation is remote and an exploit has been publicly released; the project was info...
bolo-solo 代码注入漏洞
Bolo-Solo is a blog system developed under the open source Bolo-Blog project. Version 2.6.4 of Bolo-Solo contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter articleTitle in the file /console/article/. It may lead to cross-site scripting attac...
PT-2026-27273
A security flaw has been discovered in bolo-blog 까지 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the attac...
Nesote Inout Article Base CMS SQL注入漏洞
Nesote Inout Article Base CMS is a content management system developed by the Indian company Nesote, designed for building article publishing and content management websites. The Inout Article Base CMS has a SQL injection vulnerability. This vulnerability stems from SQL injection attacks, allowin...
WordPress plugin Build App Online 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Raytha CMS 跨站脚本漏洞
Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.4.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the FieldValues1.Value parameter in the article editing function, which allowed for stored...