CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7703 matches found

OSV•added 2025/04/14 11:15 p.m.•2 views

CVE-2025-3593

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been declared as critical. This vulnerability affects the function Upload of the file /admin/upload/authorImg/. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely...

9.8CVSS6.2AI score0.00436EPSS

Exploits1References4

NVD•added 2025/04/14 11:15 p.m.•13 views

CVE-2025-3593

9.8CVSS0.00436EPSS

Exploits1References4

Cvelist•added 2025/04/14 10:31 p.m.•15 views

CVE-2025-3593 ZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted upload

6.5CVSS0.00436EPSS

Exploits1References4

CVE•added 2025/04/14 10:31 p.m.•64 views

CVE-2025-3593

Summary: CVE-2025-3593 concerns ZHENFENG13/code-projects My-Blog-layui 1.0. The flaw is in the upload handler at /admin/upload/authorImg/ where improper handling of the File parameter enables unrestricted file upload. Several connected sources confirm remote exploitation and public disclosure of ...

9.8CVSS6.4AI score0.00436EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/04/14 10:31 p.m.•5 views

CVE-2025-3593 ZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted upload

6.5CVSS7AI score0.00436EPSS

Exploits1References4

OSV•added 2025/04/14 10:15 p.m.•2 views

CVE-2025-3592

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/v1/link/edit. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.4CVSS3.8AI score0.00306EPSS

Exploits1References4

NVD•added 2025/04/14 10:15 p.m.•10 views

CVE-2025-3592

5.4CVSS0.00306EPSS

Exploits1References4

OSV•added 2025/04/14 10:15 p.m.•1 views

CVE-2025-3591

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/v1/blog/edit. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been...

5.4CVSS3.7AI score

Exploits0References4

NVD•added 2025/04/14 10:15 p.m.•21 views

CVE-2025-3591

5.4CVSS0.00306EPSS

Exploits1References4

Cvelist•added 2025/04/14 10:0 p.m.•17 views

CVE-2025-3592 ZHENFENG13/code-projects My-Blog-layui edit cross site scripting

5.1CVSS0.00306EPSS

Exploits1References4

Vulnrichment•added 2025/04/14 10:0 p.m.•6 views

CVE-2025-3592 ZHENFENG13/code-projects My-Blog-layui edit cross site scripting

5.1CVSS6.2AI score0.00306EPSS

Exploits1References4

CVE•added 2025/04/14 10:0 p.m.•66 views

CVE-2025-3592

CVE-2025-3592 affects ZHENFENG13/code-projects My-Blog-layui 1.0, specifically the /admin/v1/link/edit endpoint. The underlying issue is a cross-site scripting vulnerability in that endpoint’s input handling, which can be triggered remotely and may affect multiple parameters. The vulnerability ha...

5.4CVSS3.7AI score0.00306EPSS

Exploits1References4Affected Software1

Cvelist•added 2025/04/14 10:0 p.m.•25 views

CVE-2025-3591 ZHENFENG13/code-projects My-Blog-layui edit cross site scripting

5.1CVSS0.00306EPSS

Exploits1References4

Vulnrichment•added 2025/04/14 10:0 p.m.•5 views

CVE-2025-3591 ZHENFENG13/code-projects My-Blog-layui edit cross site scripting

5.1CVSS6.2AI score0.00306EPSS

Exploits1References4

CVE•added 2025/04/14 10:0 p.m.•71 views

CVE-2025-3591

The CVE-2025-3591 entry refers to ZHENFENG13/code-projects My-Blog-layui v1.0, where the vulnerability exists in the /admin/v1/blog/edit functionality. It is described as a cross-site scripting issue that can be triggered remotely and may affect multiple parameters. The vulnerability’s exploit ha...

5.4CVSS3.6AI score0.00306EPSS

Exploits1References4Affected Software1

CNNVD•added 2025/04/14 12:0 a.m.•1 views

My-Blog-layui 代码注入漏洞

My-Blog-layui is a blog system by ZHENFENG13 individual developer. A code injection vulnerability exists in My-Blog-layui version 1.0, which originates from a cross-site scripting issue in the file /admin/v1/link/edit...

5.4CVSS4.9AI score0.00306EPSS

Exploits1References5

CNNVD•added 2025/04/14 12:0 a.m.•2 views

My-Blog-layui 代码注入漏洞

5.4CVSS4.9AI score0.00306EPSS

Exploits1References5

Positive Technologies•added 2025/04/14 12:0 a.m.•2 views

PT-2025-16274 · Zhenfeng13 · My-Blog-Layui

Name of the Vulnerable Software and Affected Versions: ZHENFENG13/code-projects My-Blog-layui version 1.0 Description: A vulnerability was found in the file /admin/v1/blog/edit, which leads to cross-site scripting. The attack may be launched remotely, and multiple parameters might be affected. Th...

5.1CVSS3.5AI score0.00306EPSS

Exploits1References9

Positive Technologies•added 2025/04/14 12:0 a.m.•2 views

PT-2025-16276 · Zhenfeng13 · My-Blog-Layui

Name of the Vulnerable Software and Affected Versions: ZHENFENG13/code-projects My-Blog-layui version 1.0 Description: A critical vulnerability affects the file upload function of the /admin/upload/authorImg/ endpoint. The manipulation of the File argument leads to unrestricted file upload. The...

6.5CVSS6.2AI score0.00436EPSS

Exploits1References9

CNNVD•added 2025/04/14 12:0 a.m.•2 views

My-Blog-layui 代码问题漏洞

My-Blog-layui is a blog system developed by ZHENFENG13. A code issue exists in My-Blog-layui version 1.0, the vulnerability stems from the wrong operation of the parameter File in the file /admin/upload/authorImg/, which leads to the upload of arbitrary files...

9.8CVSS6.7AI score0.00436EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by