181 matches found
PT-2025-16276 · Zhenfeng13 · My-Blog-Layui
Name of the Vulnerable Software and Affected Versions: ZHENFENG13/code-projects My-Blog-layui version 1.0 Description: A critical vulnerability affects the file upload function of the /admin/upload/authorImg/ endpoint. The manipulation of the File argument leads to unrestricted file upload. The...
My-Blog-layui 代码问题漏洞
My-Blog-layui is a blog system developed by ZHENFENG13. A code issue exists in My-Blog-layui version 1.0, the vulnerability stems from the wrong operation of the parameter File in the file /admin/upload/authorImg/, which leads to the upload of arbitrary files...
CVE-2024-53722
Cross-Site Request Forgery CSRF vulnerability in rockemmusic Favicon My Blog favicon-my-blog allows Stored XSS.This issue affects Favicon My Blog: from n/a through = 1.0.2...
CVE-2024-13145
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. The attack...
CVE-2024-13145
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. The attack...
CVE-2024-13145 zhenfeng13 My-Blog uploadController. java upload unrestricted upload
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. The attack...
CVE-2024-13145
CVE-2024-13145 affects zhenfeng13 My-Blog 1.0. The vulnerability lies in the upload function (src/main/java/com/site/blog/my/core/controller/admin/uploadController.java): manipulation of the file parameter leads to unrestricted file upload. This enables remote exploitation. Multiple connected sou...
CVE-2024-13145 zhenfeng13 My-Blog uploadController. java upload unrestricted upload
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. The attack...
CVE-2024-13144
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It...
CVE-2024-13144 zhenfeng13 My-Blog BlogController.java uploadFileByEditomd unrestricted upload
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It...
CVE-2024-13144 zhenfeng13 My-Blog BlogController.java uploadFileByEditomd unrestricted upload
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It...
CVE-2024-13144
CVE-2024-13144 affects zhenfeng13 My-Blog 1.0. The vulnerability is in the function uploadFileByEditomd of src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. Manipulating the argument editormd-image-file leads to unrestricted upload, allowing remote exploitation. Multiple c...
PT-2025-2030 · Unknown · Zhenfeng13 My-Blog
Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog version 1.0 Description: A critical vulnerability has been found in the software. It affects the uploadFileByEditomd function in the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The...
My-Blog 代码问题漏洞
My-Blog is a Java blog system implemented by SpringBoot + Mybatis + Thymeleaf and other technologies, with beautiful pages, full functionality, easy deployment and perfect code. A code issue exists in My-Blog version 1.0, which stems from an incorrect operation of the parameter editormd-image-fil...
My-Blog 代码问题漏洞
My-Blog is a Java blog system implemented by SpringBoot + Mybatis + Thymeleaf and other technologies, with beautiful pages, full functionality, easy deployment and perfect code. A code issue vulnerability exists in My-Blog version 1.0, which stems from improper handling of the file parameter,...
CVE-2024-53722
Cross-Site Request Forgery CSRF vulnerability in rockemmusic Favicon My Blog favicon-my-blog allows Stored XSS.This issue affects Favicon My Blog: from n/a through = 1.0.2...
CVE-2024-53722 WordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in rockemmusic Favicon My Blog favicon-my-blog allows Stored XSS.This issue affects Favicon My Blog: from n/a through = 1.0.2...
CVE-2024-53722
CVE-2024-53722 is a CSRF-to-Stored XSS vulnerability in the WordPress plugin Favicon My Blog (versions
CVE-2024-53722 WordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in rockemmusic Favicon My Blog favicon-my-blog allows Stored XSS.This issue affects Favicon My Blog: from n/a through = 1.0.2...
WordPress plugin Favicon My Blog 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...