7705 matches found
CVE-2022-23810
Template injection Improper Neutralization of Special Elements Used in a Template Engine vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to...
CVE-2022-23916
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows ...
CVE-2022-23916
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows ...
CVE-2022-23810
Template injection Improper Neutralization of Special Elements Used in a Template Engine vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to...
CVE-2022-21142
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass...
CVE-2022-21142
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass...
CVE-2022-21142
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass...
Sql injection
Template injection Improper Neutralization of Special Elements Used in a Template Engine vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to...
Authentication flaw
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass...
Cross site scripting
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows ...
Cross site scripting
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows ...
CVE-2022-24374
Summary: CVE-2022-24374 describes a cross-site scripting (XSS) vulnerability in a-blog CMS. The connected Red Hat advisory for CVE-2022-23916 confirms the same underlying issue across multiple branches and provides concrete fixed versions. Affected platforms/versions: a-blog CMS Ver. 2.8.x < 2...
CVE-2022-23916
CVE-2022-23916 describes a cross-site scripting (XSS) vulnerability in a-blog cms where an authenticated remote attacker can inject arbitrary scripts via unspecified vectors. Affected series and minimum patched levels are: 2.8.x before 2.8.75, 2.9.x before 2.9.40, 2.10.x before 2.10.44, 2.11.x be...
CVE-2022-23916
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows ...
CVE-2022-23810
Template injection Improper Neutralization of Special Elements Used in a Template Engine vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to...
CVE-2022-23810
The CVE-2022-23810 issue affects a-blog cms (Appleple) with template injection (Improper Neutralization of Special Elements Used in a Template Engine). A remote authenticated attacker can obtain arbitrary files on the server via unspecified vectors. Affected versions include: 2.8.x before 2.8.75,...
CVE-2022-21142
CVE-2022-21142 is an authentication bypass vulnerability affecting a-blog cms. The issue allows remote unauthenticated attackers to bypass login under specific conditions in multiple series: 2.8.x (before 2.8.74), 2.9.x (before 2.9.39), 2.10.x (before 2.10.43), and 2.11.x (before 2.11.41). Public...
CVE-2022-21142
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass...
PT-2022-14875 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.8.74 a-blog cms versions prior to 2.9.39 a-blog cms versions prior to 2.10.43 a-blog cms versions prior to 2.11.41 Description: The issue allows a remote unauthenticated attacker to bypass authentication under...
WordPress WP Content Copy Protection
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the server in PHP and MySQL to set up a personal blog site. WordPress plugin is a WordPress open source application plug-in. WordPress WP Content Copy Protection...