CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVE-2026-1813

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVE-2026-1813

The CVE-2026-1813 entry concerns bolo-blog bolo-solo up to version 2.6.4, involving the FreeMarker Template Handler. It identifies an issue in the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java where manipulation of the File argument enables unrestricted upload. This could all...

CVE-2026-1812

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812 bolo-blog bolo-solo Filename BackupService.java importFromCnblogs path traversal

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812 bolo-blog bolo-solo Filename BackupService.java importFromCnblogs path traversal

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812

The CVE-2026-1812 issue affects bolo-blog/bolo-solo up to version 2.6.4. The flaw is a path traversal in the importFromCnblogs() function of BackupService.java in the Filename Handler component, caused by manipulation of the File argument. This allows remote exploitation and has had its exploit d...

CVE-2026-1811

A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...

CVE-2026-1811

A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...

CVE-2026-1811 bolo-blog bolo-solo Filename BackupService.java importFromMarkdown path traversal

A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...

CVE-2026-1811 bolo-blog bolo-solo Filename BackupService.java importFromMarkdown path traversal

A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...

CVE-2026-1811

A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...

CVE-2026-1811

The CVE-2026-1811 entry concerns bolo-blog bolo-solo up to version 2.6.4. The vulnerability lies in the Filename Handler’s importFromMarkdown function (BackupService.java). Manipulating the File argument can trigger path traversal, with a remote attack vector. Public exploitation has been publish...

CVE-2026-1810

A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal...

CVE-2026-1810 bolo-blog bolo-solo ZIP File BackupService.java unpackFilteredZip path traversal

A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal...

CVE-2026-1810

CVE-2026-1810 affects bolo-blog/bolo-solo up to version 2.6.4 . The vulnerability resides in the ZIP File Handler, specifically the function unpackFilteredZip in src/main/java/org/b3log/solo/bolo/prop/BackupService.java, where manipulating the argument File can cause a path traversal. Exploitatio...

CVE-2026-1810

A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal...