CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7703 matches found

CVE•added 2024/01/23 9:39 a.m.•54 views

CVE-2024-23183

CVE-2024-23183 describes multiple XSS vulnerabilities in a-blog cms. Affected versions include 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issues allow a remote authenticated attacker to execute arbitrary scripts in the logged-...

5.4CVSS6AI score0.00361EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/01/23 9:38 a.m.•4 views

CVE-2024-23182

Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticate...

6.9AI score0.00749EPSS

Exploits0References2

CVE•added 2024/01/23 9:38 a.m.•49 views

CVE-2024-23182

The CVE-2024-23182 issue is a relative path traversal vulnerability in a-blog cms across multiple version lines: 2.9.0 and earlier; 2.10.x up to 2.10.49; 2.11.x up to 2.11.57; 3.0.x up to 3.0.28; and 3.1.x up to 3.1.6. An authenticated remote attacker can delete arbitrary files on the server. Mit...

8.1CVSS7.8AI score0.00749EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/01/23 9:38 a.m.•18 views

CVE-2024-23182

8.1AI score0.00749EPSS

Exploits0References2

Cvelist•added 2024/01/23 9:38 a.m.•24 views

CVE-2024-23181

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...

7.1AI score0.00411EPSS

Exploits0References2

Vulnrichment•added 2024/01/23 9:38 a.m.•3 views

CVE-2024-23181

6.6AI score0.00411EPSS

Exploits0References2

CVE•added 2024/01/23 9:38 a.m.•46 views

CVE-2024-23181

CVE-2024-23181 concerns a-blog cms. The Red Hat, NVD, and JVN-enriched records identify a cross-site scripting vulnerability in a-blog cms versions: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue allows a remote unauthentica...

6.1CVSS6.8AI score0.00411EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/01/23 9:37 a.m.•17 views

CVE-2024-23180

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...

7.5AI score0.00918EPSS

Exploits0References2

Cvelist•added 2024/01/23 9:37 a.m.•22 views

CVE-2024-23180

8.9AI score0.00918EPSS

Exploits0References2

CVE•added 2024/01/23 9:37 a.m.•48 views

CVE-2024-23180

CVE-2024-23180 affects a-blog cms with multiple vulnerable branches: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue is an improper input validation vulnerability that allows a remote authenticated attacker to execute arbitra...

8.8CVSS8.6AI score0.00918EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2024/01/23 12:0 a.m.•4 views

PT-2024-19698 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue is related to improper input...

8.8CVSS8.7AI score0.00918EPSS

Exploits0References5

CNNVD•added 2024/01/23 12:0 a.m.•4 views

a-blog cms security breach

a-blog cms is a Japanese content management system CMS. A security vulnerability exists in a-blog cms. A remote attacker can exploit this vulnerability to execute arbitrary scripts on a logged-in user's web browser. The following versions are affected: versions 3.1.x through 3.1.7 and earlier,...

5.4CVSS7.3AI score0.00361EPSS

Exploits0References3

Positive Technologies•added 2024/01/23 12:0 a.m.•2 views

PT-2024-19701 · Unknown · A-Blog Cms

5.4CVSS5.3AI score0.00361EPSS

Exploits0References5

Positive Technologies•added 2024/01/23 12:0 a.m.•5 views

PT-2024-19699 · Unknown · A-Blog Cms

6.1CVSS6.2AI score0.00411EPSS

Exploits0References6

Positive Technologies•added 2024/01/23 12:0 a.m.•3 views

PT-2024-19827 · Unknown · A-Blog Cms

8.8CVSS8.4AI score0.0069EPSS

Exploits0References3

CNNVD•added 2024/01/23 12:0 a.m.•4 views

a-blog cms security breach

a-blog cms is a Japanese content management system CMS. A security vulnerability exists in a-blog cms. A remote attacker can exploit this vulnerability to execute arbitrary JavaScript code by uploading a specially crafted SVG file. The following versions are affected: version 3.1.x to version 3.1...

8.8CVSS7.4AI score0.0069EPSS

Exploits0References3

Positive Technologies•added 2024/01/23 12:0 a.m.•4 views

PT-2024-19700 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.9.1 a-blog cms versions 2.9.0 and earlier a-blog cms versions 2.10.x through 2.10.49 a-blog cms versions 2.11.x through 2.11.57 a-blog cms versions 3.0.x through 3.0.28 a-blog cms versions 3.1.x through 3.1.6...

8.1CVSS7.8AI score0.00749EPSS

Exploits0References6

Japan Vulnerability Notes•added 2024/01/22 6:8 a.m.•4 views

Multiple vulnerabilities in a-blog cms

Overview a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Improper input validation CWE-20 - CVE-2024-23180 Cross-site scripting CWE-79 - CVE-2024-23181 Relative path traversal CWE-23 - CVE-2024-23182 Cross-site scripting CWE-79 - CVE-2024-23183 Improper input...

8.8CVSS7.2AI score0.00918EPSS

Exploits0References17

CNNVD•added 2024/01/22 12:0 a.m.•3 views

a-blog cms security breach

a-blog cms is a Japanese content management system CMS. A security vulnerability exists in a-blog cms versions before Ver.3.1.7, before Ver.3.0.29, before Ver.2.11.58, and before Ver.2.10.50, which can be exploited by an attacker to execute arbitrary code by uploading a specially crafted SVG file...

8.8CVSS7.6AI score0.00918EPSS

Exploits0References4

CNNVD•added 2024/01/22 12:0 a.m.•4 views

a-blog cms security breach

a-blog cms is a Japanese content management system CMS. A security vulnerability exists in versions of a-blog cms before Ver.3.1.7, before Ver.3.0.29, before Ver.2.11.58, and before Ver.2.10.50, which can be exploited by an attacker to execute arbitrary script on a logged-in user's web browser...

6.1CVSS7.2AI score0.00411EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by