Lucene search
+L

266 matches found

Vulnrichment
Vulnrichment
added 2024/01/23 9:39 a.m.5 views

CVE-2024-23348

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...

7.5AI score0.0069EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/23 9:39 a.m.22 views

CVE-2024-23348

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...

8.7AI score0.0069EPSS
Exploits0References2
CVE
CVE
added 2024/01/23 9:39 a.m.50 views

CVE-2024-23348

CVE-2024-23348 concerns a-blog cms with multiple vulnerable lines due to improper input validation, allowing a remote authenticated attacker to execute arbitrary JavaScript by uploading a specially crafted SVG file. Affected versions include: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before...

8.8CVSS8.4AI score0.0069EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/23 9:39 a.m.2 views

CVE-2024-23183

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated...

5.7AI score0.00361EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/23 9:39 a.m.27 views

CVE-2024-23183

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated...

6.3AI score0.00361EPSS
Exploits0References2
CVE
CVE
added 2024/01/23 9:39 a.m.57 views

CVE-2024-23183

CVE-2024-23183 describes multiple XSS vulnerabilities in a-blog cms. Affected versions include 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issues allow a remote authenticated attacker to execute arbitrary scripts in the logged-...

5.4CVSS6AI score0.00361EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/01/23 9:38 a.m.28 views

CVE-2024-23182

Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticate...

8.1AI score0.00749EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/23 9:38 a.m.4 views

CVE-2024-23182

Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticate...

6.9AI score0.00749EPSS
Exploits0References2
CVE
CVE
added 2024/01/23 9:38 a.m.59 views

CVE-2024-23182

The CVE-2024-23182 issue is a relative path traversal vulnerability in a-blog cms across multiple version lines: 2.9.0 and earlier; 2.10.x up to 2.10.49; 2.11.x up to 2.11.57; 3.0.x up to 3.0.28; and 3.1.x up to 3.1.6. An authenticated remote attacker can delete arbitrary files on the server. Mit...

8.1CVSS7.8AI score0.00749EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/01/23 9:38 a.m.34 views

CVE-2024-23181

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...

7.1AI score0.00411EPSS
Exploits0References2
CVE
CVE
added 2024/01/23 9:38 a.m.54 views

CVE-2024-23181

CVE-2024-23181 concerns a-blog cms. The Red Hat, NVD, and JVN-enriched records identify a cross-site scripting vulnerability in a-blog cms versions: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue allows a remote unauthentica...

6.1CVSS6.8AI score0.00411EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/23 9:38 a.m.3 views

CVE-2024-23181

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...

6.6AI score0.00411EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/23 9:37 a.m.18 views

CVE-2024-23180

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...

7.5AI score0.00918EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/23 9:37 a.m.28 views

CVE-2024-23180

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...

8.9AI score0.00918EPSS
Exploits0References2
CVE
CVE
added 2024/01/23 9:37 a.m.57 views

CVE-2024-23180

CVE-2024-23180 affects a-blog cms with multiple vulnerable branches: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue is an improper input validation vulnerability that allows a remote authenticated attacker to execute arbitra...

8.8CVSS8.6AI score0.00918EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.6 views

PT-2024-19700 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.9.1 a-blog cms versions 2.9.0 and earlier a-blog cms versions 2.10.x through 2.10.49 a-blog cms versions 2.11.x through 2.11.57 a-blog cms versions 3.0.x through 3.0.28 a-blog cms versions 3.1.x through 3.1.6...

8.1CVSS7.8AI score0.00749EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.6 views

PT-2024-19827 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue is related to improper input...

8.8CVSS8.4AI score0.0069EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.18 views

PT-2024-19699 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue allows a remote unauthenticated...

6.1CVSS6.2AI score0.00411EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.6 views

PT-2024-19701 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue allows a remote authenticated attacke...

5.4CVSS5.3AI score0.00361EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.5 views

a-blog cms security breach

a-blog cms is a Japanese content management system CMS. A security vulnerability exists in a-blog cms. A remote attacker can exploit this vulnerability to execute arbitrary scripts on a logged-in user's web browser. The following versions are affected: versions 3.1.x through 3.1.7 and earlier,...

5.4CVSS7.3AI score0.00361EPSS
Exploits0References3
Rows per page
Query Builder