Lucene search
+L

266 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/18 12:0 a.m.62 views

JVN#14706307: Multiple vulnerabilities in a-blog cms

a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24374 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:M/Au:S/C:N/I:P/A:N| Base Score: 3.5...

9.8CVSS7.4AI score0.01547EPSS
Exploits0
NVD
NVD
added 2021/12/22 11:15 p.m.23 views

CVE-2020-20605

Blog CMS v1.0 contains a cross-site scripting XSS vulnerability in the /controller/CommentAdminController.java component...

6.1CVSS0.00652EPSS
Exploits1References1
Prion
Prion
added 2021/12/22 11:15 p.m.14 views

Cross site scripting

Blog CMS v1.0 contains a cross-site scripting XSS vulnerability in the /controller/CommentAdminController.java component...

4.3CVSS6AI score0.00652EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/22 10:43 p.m.24 views

CVE-2020-20605

Blog CMS v1.0 contains a cross-site scripting XSS vulnerability in the /controller/CommentAdminController.java component...

6AI score0.00652EPSS
Exploits1References1
CVE
CVE
added 2021/12/22 10:43 p.m.40 views

CVE-2020-20605

CVE-2020-20605 affects Blog CMS v1.0, with a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component. The vulnerability is corroborated across multiple sources (NVD/NVD-derived and related feeds) and targets a PHP/MySQL BlogCMS; key impact details indicat...

6.1CVSS5.9AI score0.00652EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2021/07/23 12:0 a.m.57 views

SourceCodester Fantastic Blog CMS SQL Injection Vulnerability

SourceCodester Fantastic Blog CMS is an application. Absolutely brilliant web content management system for blogs/posts. SourceCodester Fantastic Blog CMS has a security vulnerability that can be exploited by attackers to execute arbitrary SQL statements via the id parameter to category.php...

9.8CVSS6.2AI score0.01536EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/23 12:0 a.m.43 views

SourceCodester Fantastic-Blog-CMS Cross-Site Scripting Vulnerability

SourceCodester Fantastic-Blog-CMS is an application. A blogging system. version 1.0 of SourceCodester Fantastic-Blog-CMS contains a security vulnerability that can be exploited by remote attackers to inject arbitrary web script or HTML via the search field search.php...

6.1CVSS3AI score0.00842EPSS
Exploits1References1
OSV
OSV
added 2021/07/22 7:15 p.m.3 views

CVE-2021-26224

Cross-site scripting XSS vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...

6.1CVSS5.9AI score0.00842EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/07/22 6:40 p.m.18 views

CVE-2021-26224

Cross-site scripting XSS vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...

6.2AI score0.00842EPSS
Exploits1References1
CVE
CVE
added 2021/07/22 6:40 p.m.54 views

CVE-2021-26224

CVE-2021-26224 : A cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS v1.0 allows remote attackers to inject arbitrary web script or HTML via the search field (search.php). The connected references confirm the affected product/version and the input vector, but no detail...

6.1CVSS6AI score0.00842EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2021/07/22 5:15 p.m.28 views

CVE-2021-26231

SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...

9.8CVSS0.01536EPSS
Exploits1References1
Prion
Prion
added 2021/07/22 5:15 p.m.12 views

Sql injection

SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...

7.5CVSS9.8AI score0.01536EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/22 4:29 p.m.23 views

CVE-2021-26231

SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...

10AI score0.01536EPSS
Exploits1References1
CVE
CVE
added 2021/07/22 4:29 p.m.50 views

CVE-2021-26231

CVE-2021-26231 affects SourceCodester Fantastic Blog CMS v1.0. The vulnerability is an SQL injection in category.php via the id parameter, allowing remote attackers to execute arbitrary SQL statements. Reported impact includes high severity (CVSS v3.1: 9.8, CRITICAL) with network exposure and no ...

9.8CVSS9.9AI score0.01536EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.4 views

SourceCodester Fantastic-Blog-CMS 跨站脚本漏洞

SourceCodester Fantastic-Blog-CMS is an application. A blogging system. version 1.0 of SourceCodester Fantastic-Blog-CMS contains a security vulnerability that can be exploited by remote attackers to inject arbitrary web script or HTML via the search field search.php...

6.1CVSS5.9AI score0.00842EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.4 views

SourceCodester Fantastic Blog CMS SQL注入漏洞

SourceCodester Fantastic Blog CMS is an application. Absolutely brilliant web content management system for blogs/posts. SourceCodester Fantastic Blog CMS has a security vulnerability that can be exploited by attackers to execute arbitrary SQL statements via the id parameter to category.php...

9.8CVSS6.2AI score0.01536EPSS
Exploits1References2
CNVD
CNVD
added 2021/05/24 12:0 a.m.8 views

Bludit File Upload Vulnerability

Bludit is an open source, lightweight blog content management system CMS. A file upload vulnerability exists in Bludit version 3.12.0, which originates from a file upload found in the file path bl-plugins backup plugin.php, and can be exploited by an attacker to gain administrator privileges and ...

7.2CVSS7.1AI score0.01102EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/31 12:0 a.m.2 views

ZrLog is vulnerable to XSS

ZrLog is a blog/CMS program developed in Java. ZrLog suffers from an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...

6AI score
Exploits0
NVD
NVD
added 2019/12/26 4:15 p.m.17 views

CVE-2019-6033

Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 Ver.2.10.x, Ver.2.9.26 Ver.2.9.x, and Ver.2.8.64 Ver.2.8.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.00781EPSS
Exploits0References2
OSV
OSV
added 2019/12/26 4:15 p.m.5 views

CVE-2019-6033

Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 Ver.2.10.x, Ver.2.9.26 Ver.2.9.x, and Ver.2.8.64 Ver.2.8.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00781EPSS
Exploits0References2
Rows per page
Query Builder