Lucene search
K

3669 matches found

Vulnrichment
Vulnrichment
added 2026/04/01 9:3 a.m.4 views

CVE-2026-21632 Joomla! Core - [20260304] - XSS vectors in various article title outputs

Lack of output escaping for article titles leads to XSS vectors in various locations...

8.4CVSS5.8AI score0.0019EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/01 9:3 a.m.2 views

CVE-2026-21632

Lack of output escaping for article titles leads to XSS vectors in various locations...

8.4CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability occurred due to improper handling of user input when creating or editing blog articles, which could lead to storage-based...

9.1CVSS5.7AI score0.00317EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.6 views

Joomla! CMS 跨站脚本漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site scripting vulnerability, which stems from the lack of output escaping in article titles, potentially leading to cross-site scripting attacks...

8.4CVSS5.6AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29504

Name of the Vulnerable Software and Affected Versions versions affected versions not specified Description A lack of output escaping for article titles creates cross-site scripting XSS vectors in multiple areas. Recommendations At the moment, there is no information about a newer version that...

8.4CVSS5.7AI score0.0019EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of user input when creating or editing blog articles in the category section, which could lea...

9.1CVSS5.7AI score0.00269EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.7 views

baserCMS 跨站脚本漏洞

BaserCMS is a corporate-level content management system CMS developed by the baserCMS team. Versions of baserCMS prior to 5.2.3 had a cross-site scripting vulnerability; this vulnerability originated from a blog article-related feature module and made it susceptible to cross-site scripting attack...

6.9CVSS7.1AI score0.00233EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4616

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

4.8CVSS4.3AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/03/24 12:16 p.m.5 views

CVE-2019-25640

Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...

8.8CVSS0.00334EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.4 views

CVE-2019-25640 Inout Article Base CMS Lastest SQL Injection via portalLogin.php

Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...

8.8CVSS6AI score0.00334EPSS
Exploits0References3
NVD
NVD
added 2026/03/24 1:17 a.m.7 views

CVE-2026-4616

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

4.8CVSS0.00274EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/24 12:16 a.m.3 views

CVE-2026-4616 bolo-blog Article Title article cross site scripting

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

4.8CVSS4.3AI score0.00274EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/24 12:16 a.m.30 views

CVE-2026-4616 bolo-blog Article Title article cross site scripting

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

4.8CVSS0.00274EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/24 12:16 a.m.6 views

CVE-2026-4616

A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...

4.8CVSS4.3AI score0.00274EPSS
Exploits0References5
CVE
CVE
added 2026/03/24 12:16 a.m.11 views

CVE-2026-4616

CVE-2026-4616 affects bolo-blog 2.6.4, specifically the Article Title Handler component in /console/article/. The vulnerability arises from manipulating the articleTitle argument, enabling cross-site scripting. Exploitation is remote and an exploit has been publicly released; the project was info...

4.8CVSS4.3AI score0.00274EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.7 views

bolo-solo 代码注入漏洞

Bolo-Solo is a blog system developed under the open source Bolo-Blog project. Version 2.6.4 of Bolo-Solo contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter articleTitle in the file /console/article/. It may lead to cross-site scripting attac...

4.8CVSS5.7AI score0.00274EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.8 views

PT-2026-27273

A security flaw has been discovered in bolo-blog 까지 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the attac...

4.8CVSS4.2AI score0.00274EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.9 views

Nesote Inout Article Base CMS SQL注入漏洞

Nesote Inout Article Base CMS is a content management system developed by the Indian company Nesote, designed for building article publishing and content management websites. The Inout Article Base CMS has a SQL injection vulnerability. This vulnerability stems from SQL injection attacks, allowin...

8.8CVSS5.9AI score0.00334EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.7 views

WordPress plugin Build App Online 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.12 views

Raytha CMS 跨站脚本漏洞

Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.4.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the FieldValues1.Value parameter in the article editing function, which allowed for stored...

5.4CVSS5.5AI score0.00217EPSS
Exploits0References2
Rows per page
Query Builder