7739 matches found
PrestaShop Theme Volty CMS Blog - SQL Injection
In the module 'Theme Volty CMS Blog' tvcmsblog up to versions 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. id: CVE-2023-39650 info: name: PrestaShop Theme Volty CMS Blog - SQL Injection author: mastercho severity: critical description: | In the...
Jms Blog - SQL Injection
The module Jms Blog jmsblog from Joommasters contains a Time Based SQL injection vulnerability. This module is for the PrestaShop e-commerce platform and mainly provided with joommasters PrestaShop themes id: CVE-2023-27034 info: name: Jms Blog - SQL Injection author: MaStErChO severity: critical...
News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion
The News & Blog Designer Pack WordPress plugin up to version 3.4.1 contains a remote code execution caused by local file inclusion in the bdpgetmorepost function, letting unauthenticated attackers include arbitrary PHP files, exploit requires AJAX request with crafted POST data. id: CVE-2023-5815...
Joomla! Component MMS Blog 2.3.0 - Local File Inclusion
A directory traversal vulnerability in the MMS Blog commmsblog component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1491 info: name: Joomla! Component MMS Blo...
Moving Forward Responsibly: Our 2025 Impact Report
...
EUVD-2026-39668
Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...
CVE-2026-57663
Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...
CVE-2020-7611
creationtimestamp| type| source ---|---|--- 2026-06-25 07:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp3ulwwgc62r...
CVE-2020-10374
creationtimestamp| type| source ---|---|--- 2026-06-25 06:37:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp3swbwyyt2n...
CVE-2020-12016
creationtimestamp| type| source ---|---|--- 2026-06-25 03:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp3iugasc72y...
CVE-2020-15324
creationtimestamp| type| source ---|---|--- 2026-06-25 01:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp3c5tfnmz2k...
CVE-2020-15321
creationtimestamp| type| source ---|---|--- 2026-06-25 00:07:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp354wcnix24...
CVE-2020-15320
creationtimestamp| type| source ---|---|--- 2026-06-24 23:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp33havf332r...
CVE-2020-14072
creationtimestamp| type| source ---|---|--- 2026-06-24 23:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp2zrn362b2r...
CVE-2020-35797
creationtimestamp| type| source ---|---|--- 2026-06-24 20:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp2rfgbdw52i...
CVE-2020-29594
creationtimestamp| type| source ---|---|--- 2026-06-24 18:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp2iz6alav2n...
PT-2026-51695
Name of the Vulnerable Software and Affected Versions 24liveblog versions prior to 2.3 Description The 24liveblog plugin for WordPress allows unauthorized data modification because the update lb24 token AJAX function lacks a proper capability check. The handler verifies the 'lb24' nonce but fails...
CVE-2020-15331
creationtimestamp| type| source ---|---|--- 2026-06-23 21:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3moycm4u2bq2k...
WordPress 24liveblog – live blog tool plugin <= 2.2 - Missing Authorization to Authenticated (Author+) Settings Modification vulnerability
Missing Authorization to Authenticated Author+ Settings Modification vulnerability discovered by g0wthr in WordPress Plugin 24liveblog – live blog tool versions = 2.2...
CVE-2023-34738
creationtimestamp| type| source ---|---|--- 2026-06-23 16:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3moxtjddrt62r...