CVE-2024-28713

An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature...

CVE-2024-28713

An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature...

Mblog 安全漏洞

langhsu mblog is langhsu open source an application system . Open source Java blog system , support for multi-user , support for switching themes . Mblog v.3.5.0 version has a security vulnerability . Attackers use the vulnerability through a specially crafted file on the theme management functio...

PT-2024-22533

Name of the Vulnerable Software and Affected Versions Mblog Blog system version 3.5.0 Description An issue in the theme management feature allows an attacker to execute arbitrary code via a crafted file. Recommendations For Mblog Blog system version 3.5.0, consider disabling the theme management...

CVE-2024-28713

An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature...

CVE-2024-27279

Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a use...

Thinu-CMS Blog System 1.5 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

XiaoBingby TeaCMS 授权问题漏洞

XiaoBingBy TeaCMS is a blog system by xiaobingby personal developer. A security vulnerability exists in XiaoBingby TeaCMS 2.3.3, which stems from an unauthorized access issue in the system that can be exploited by an attacker to elevate privileges via the id and keywords parameters...

FlatPress has an unspecified vulnerability

FlatPress is a Php-based blog building system from the FlatPress community that does not require database support. flatpressblog/flatpress has a security vulnerability that stems from PHP remote file inclusion. No details of the vulnerability are currently available...

FlatPress 安全漏洞

FlatPress is a Php-based blog building system from the FlatPress community that does not require database support. flatpressblog/flatpress has a security vulnerability that stems from PHP remote file inclusion. No details of the vulnerability are currently available...

Halo 代码问题漏洞

Halo is a personal blog system for individual developers. A security vulnerability exists in Halo Blog CMS version 1.4.17, which can be exploited by attackers to upload arbitrary files via the attachment upload feature...

Logic flaw vulnerability in the backend of the mayday blog system

mayday blog system is based on springboot, mybatis, ehcache, thymeleaf, bootstrap to do the blog system , support markdown editor Java blog system . mayday blog system backend there is a logic flaw vulnerability. Attackers can use the vulnerability to bypass authentication and obtain sensitive...

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26119)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5.0 suffers from a cross-site scripting vulnerability. Attackers can use the /post/editing post header field to inject arbitrary Web script or HTML...

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26164)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 cross-site scripting vulnerability , an attacker can /settings/profile of the signature field to exploit the vulnerability to inject arbitrary Web script or HTML...

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26163)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 has a cross-site scripting vulnerability , the vulnerability stems from post editing via the post content field . An attacker can use this vulnerability to inject arbitrary Web script or HT...

langhsu mblog 跨站脚本漏洞

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5.0 suffers from a cross-site scripting vulnerability. Attackers can use the /post/editing post header field to inject arbitrary Web script or HTML...

Mblog open source Java blog system has XSS vulnerability

Mblog open source Java blog system , support for multiple users , support for switching themes and so on. Mblog open source Java blog system has an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...

Mblog open source Java blog system has a logic flaw vulnerability

Mblog is a Java language development , support for mysql/h2 database , using spring-boot, jpa, shiro, bootstrap and other popular frameworks for the development of open source free blog system . Mblog open source Java blog system has a logic flaw vulnerability , an attacker can use the...

XSS Vulnerability in mblog Blog System

mblog is a Java language development , support for mysql/h2 database , using spring-boot, jpa, shiro, bootstrap and other popular frameworks for the development of open-source free blog system . mblog blog system has an XSS vulnerability , an attacker can exploit the vulnerability to obtain user...

MileagePHP open source blog system has an arbitrary directory deletion vulnerability

MileageMi is a ThinkPHP open source blogging system. MileageMi PHP open source blog system has an arbitrary directory deletion vulnerability that can be exploited by attackers to delete directory files...