266 matches found
JVN#14706307: Multiple vulnerabilities in a-blog cms
a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24374 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:M/Au:S/C:N/I:P/A:N| Base Score: 3.5...
CVE-2020-20605
Blog CMS v1.0 contains a cross-site scripting XSS vulnerability in the /controller/CommentAdminController.java component...
Cross site scripting
Blog CMS v1.0 contains a cross-site scripting XSS vulnerability in the /controller/CommentAdminController.java component...
CVE-2020-20605
Blog CMS v1.0 contains a cross-site scripting XSS vulnerability in the /controller/CommentAdminController.java component...
CVE-2020-20605
CVE-2020-20605 affects Blog CMS v1.0, with a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component. The vulnerability is corroborated across multiple sources (NVD/NVD-derived and related feeds) and targets a PHP/MySQL BlogCMS; key impact details indicat...
SourceCodester Fantastic Blog CMS SQL Injection Vulnerability
SourceCodester Fantastic Blog CMS is an application. Absolutely brilliant web content management system for blogs/posts. SourceCodester Fantastic Blog CMS has a security vulnerability that can be exploited by attackers to execute arbitrary SQL statements via the id parameter to category.php...
SourceCodester Fantastic-Blog-CMS Cross-Site Scripting Vulnerability
SourceCodester Fantastic-Blog-CMS is an application. A blogging system. version 1.0 of SourceCodester Fantastic-Blog-CMS contains a security vulnerability that can be exploited by remote attackers to inject arbitrary web script or HTML via the search field search.php...
CVE-2021-26224
Cross-site scripting XSS vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...
CVE-2021-26224
Cross-site scripting XSS vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php...
CVE-2021-26224
CVE-2021-26224 : A cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS v1.0 allows remote attackers to inject arbitrary web script or HTML via the search field (search.php). The connected references confirm the affected product/version and the input vector, but no detail...
CVE-2021-26231
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...
Sql injection
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...
CVE-2021-26231
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...
CVE-2021-26231
CVE-2021-26231 affects SourceCodester Fantastic Blog CMS v1.0. The vulnerability is an SQL injection in category.php via the id parameter, allowing remote attackers to execute arbitrary SQL statements. Reported impact includes high severity (CVSS v3.1: 9.8, CRITICAL) with network exposure and no ...
SourceCodester Fantastic-Blog-CMS 跨站脚本漏洞
SourceCodester Fantastic-Blog-CMS is an application. A blogging system. version 1.0 of SourceCodester Fantastic-Blog-CMS contains a security vulnerability that can be exploited by remote attackers to inject arbitrary web script or HTML via the search field search.php...
SourceCodester Fantastic Blog CMS SQL注入漏洞
SourceCodester Fantastic Blog CMS is an application. Absolutely brilliant web content management system for blogs/posts. SourceCodester Fantastic Blog CMS has a security vulnerability that can be exploited by attackers to execute arbitrary SQL statements via the id parameter to category.php...
Bludit File Upload Vulnerability
Bludit is an open source, lightweight blog content management system CMS. A file upload vulnerability exists in Bludit version 3.12.0, which originates from a file upload found in the file path bl-plugins backup plugin.php, and can be exploited by an attacker to gain administrator privileges and ...
ZrLog is vulnerable to XSS
ZrLog is a blog/CMS program developed in Java. ZrLog suffers from an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...
CVE-2019-6033
Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 Ver.2.10.x, Ver.2.9.26 Ver.2.9.x, and Ver.2.8.64 Ver.2.8.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-6033
Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 Ver.2.10.x, Ver.2.9.26 Ver.2.9.x, and Ver.2.8.64 Ver.2.8.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...