3 matches found
Exploit for SQL Injection in Ghost
CVE-2026-26980 👻 Ghost CMS Unauthenticated SQLi via Content...
GHSA-5FP7-G646-CCF4 Ghost has Staff 2FA bypass
Impact A vulnerability in Ghost's 2FA mechanism allows staff users to skip email 2FA. Vulnerable versions This vulnerability is present in Ghost v5.105.0 to v5.130.5 to and Ghost v6.0.0 to v6.10.3. Patches v5.130.6 and v6.11.0 contain a fix for this issue. References Ghost thanks Sho Odagiri of G...
ghost-as-middleware (=1.0.0), ghost-blade (=0.1.0) +3 more potentially affected by CVE-2022-27139 via ghost (>=0.11.14 <=1.26.2)
ghost NPM version =0.11.14, =0.1.7, =0.1.10 - persistent-ghost =0.8.2 - sign-alex =1.0.1 Source cves: CVE-2022-27139 Source advisory: OSV:GHSA-FVC6-QJP7-M4G4...