7703 matches found
CVE-2025-0460 Blog Botz for Journal Theme blog_add unrestricted upload
A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. This affects an unknown part of the file /index.php?route=extension/module/blogadd. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the atta...
CVE-2025-0460
The CVE-2025-0460 entry concerns Blog Botz for Journal Theme 1.0 on OpenCart. Affected: Blog Botz for Journal Theme, version 1.0, via the endpoint /index.php?route=extension/module/blog_add. Root cause: manipulation of the image parameter enables unrestricted file upload. Impact: remote attacker ...
PT-2025-3896 · Opencart · Blog Botz For Journal Theme
Name of the Vulnerable Software and Affected Versions: Blog Botz for Journal Theme version 1.0 on OpenCart Description: A critical vulnerability was found in Blog Botz for Journal Theme on OpenCart, affecting an unknown part of the file /index.php?route=extension/module/blog add. The manipulation...
Exploit for CVE-2024-9932
CVE-2024-9932-POC Description: The Wux Blog Editor WordPre...
CVE-2024-13204
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /blog-details.php. The manipulation of the argument blogid leads to sql injection. The attack can be launched remotely. The...
CVE-2024-13202
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...
CVE-2024-13201
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the...
CVE-2024-13202
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...
CVE-2024-13201
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the...
CVE-2024-13200
A vulnerability, which was classified as critical, was found in wander-chu SpringBoot-Blog 1.0. This affects the function preHandle of the file src/main/java/com/my/blog/website/interceptor/BaseInterceptor.java of the component HTTP POST Request Handler. The manipulation leads to improper access...
CVE-2024-13204 kurniaramadhan E-Commerce-PHP blog-details.php sql injection
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /blog-details.php. The manipulation of the argument blogid leads to sql injection. The attack can be launched remotely. The...
CVE-2024-13204 kurniaramadhan E-Commerce-PHP blog-details.php sql injection
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /blog-details.php. The manipulation of the argument blogid leads to sql injection. The attack can be launched remotely. The...
CVE-2024-13204
CVE-2024-13204 affects kurniaramadhan E-Commerce-PHP 1.0. The vulnerable component is the /blog-details.php file, where manipulating the blog_id parameter triggers a SQL injection. Exploitation is described as remote with the exploit publicly disclosed. Multiple sources corroborate the issue and ...
CVE-2024-13202 wander-chu SpringBoot-Blog Blog Article PageController.java modifiyArticle cross site scripting
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...
CVE-2024-13202 wander-chu SpringBoot-Blog Blog Article PageController.java modifiyArticle cross site scripting
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument...
CVE-2024-13202
CVE-2024-13202 affects wander-chu SpringBoot-Blog 1.0. The vulnerability lies in the function modifiyArticle in file src/main/java/com/my/blog/website/controller/admin/PageController.java of the Blog Article Handler component, where the argument content is manipulated, enabling cross-site scripti...
CVE-2024-13201 wander-chu SpringBoot-Blog Admin Attachment AttachtController.java upload unrestricted upload
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the...
CVE-2024-13201 wander-chu SpringBoot-Blog Admin Attachment AttachtController.java upload unrestricted upload
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/admin/AttachtController.java of the component Admin Attachment Handler. The manipulation of the...
CVE-2024-13201
CVE-2024-13201 affects wander-chu SpringBoot-Blog 1.0 in the Admin Attachment Handler, specifically the upload function in AttachtController.java. The root cause is manipulation of the file argument, enabling unrestricted uploads. Exploitation can be remote, and public disclosures exist. Several ...
CVE-2024-13199
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can be launched remotel...