266 matches found
CVE-2024-23348
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...
CVE-2024-23348
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...
CVE-2024-23348
CVE-2024-23348 concerns a-blog cms with multiple vulnerable lines due to improper input validation, allowing a remote authenticated attacker to execute arbitrary JavaScript by uploading a specially crafted SVG file. Affected versions include: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before...
CVE-2024-23183
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated...
CVE-2024-23183
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated...
CVE-2024-23183
CVE-2024-23183 describes multiple XSS vulnerabilities in a-blog cms. Affected versions include 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issues allow a remote authenticated attacker to execute arbitrary scripts in the logged-...
CVE-2024-23182
Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticate...
CVE-2024-23182
Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticate...
CVE-2024-23182
The CVE-2024-23182 issue is a relative path traversal vulnerability in a-blog cms across multiple version lines: 2.9.0 and earlier; 2.10.x up to 2.10.49; 2.11.x up to 2.11.57; 3.0.x up to 3.0.28; and 3.1.x up to 3.1.6. An authenticated remote attacker can delete arbitrary files on the server. Mit...
CVE-2024-23181
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...
CVE-2024-23181
CVE-2024-23181 concerns a-blog cms. The Red Hat, NVD, and JVN-enriched records identify a cross-site scripting vulnerability in a-blog cms versions: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue allows a remote unauthentica...
CVE-2024-23181
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...
CVE-2024-23180
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...
CVE-2024-23180
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...
CVE-2024-23180
CVE-2024-23180 affects a-blog cms with multiple vulnerable branches: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue is an improper input validation vulnerability that allows a remote authenticated attacker to execute arbitra...
PT-2024-19700 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.9.1 a-blog cms versions 2.9.0 and earlier a-blog cms versions 2.10.x through 2.10.49 a-blog cms versions 2.11.x through 2.11.57 a-blog cms versions 3.0.x through 3.0.28 a-blog cms versions 3.1.x through 3.1.6...
PT-2024-19827 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue is related to improper input...
PT-2024-19699 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue allows a remote unauthenticated...
PT-2024-19701 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue allows a remote authenticated attacke...
a-blog cms security breach
a-blog cms is a Japanese content management system CMS. A security vulnerability exists in a-blog cms. A remote attacker can exploit this vulnerability to execute arbitrary scripts on a logged-in user's web browser. The following versions are affected: versions 3.1.x through 3.1.7 and earlier,...