Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

181 matches found

Prion
Prionadded 2023/05/01 4:15 p.m.10 views

Cross site scripting

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

4.9CVSS5.3AI score0.00414EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/05/01 12:0 a.m.8 views

CVE-2023-29636

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

5.4AI score0.00414EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/05/01 12:0 a.m.10 views

CVE-2023-29639

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

5.4AI score0.00364EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/05/01 12:0 a.m.4 views

My-Blog 跨站脚本漏洞

My-Blog is a Java blog system implemented by SpringBoot + Mybatis + Thymeleaf and other technologies, with beautiful pages, full functionality, easy deployment and perfect code. ZHENFENG13 A security vulnerability exists in My-Blog, which stems from the presence of a cross-site scripting XSS...

5.4CVSS5.6AI score0.00414EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/05/01 12:0 a.m.4 views

My-Blog 跨站脚本漏洞

My-Blog is a Java blog system implemented by SpringBoot + Mybatis + Thymeleaf and other technologies, with beautiful pages, full functionality, easy deployment and perfect code. ZHENFENG13 A security vulnerability exists in My-Blog, which stems from the presence of a cross-site scripting XSS...

5.4CVSS5.6AI score0.00364EPSS
Exploits1References2
Cvelist
Cvelistadded 2023/05/01 12:0 a.m.17 views

CVE-2023-29636

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

5.5AI score0.00414EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/05/01 12:0 a.m.3 views

PT-2023-22348

Name of the Vulnerable Software and Affected Versions ZHENFENG13 My-Blog affected versions not specified Description A cross site scripting XSS issue allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not...

5.4CVSS5.7AI score0.00364EPSS
Exploits1References6
Cvelist
Cvelistadded 2023/05/01 12:0 a.m.13 views

CVE-2023-29639

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

5.5AI score0.00364EPSS
Exploits1References1
CVE
CVEadded 2023/05/01 12:0 a.m.46 views

CVE-2023-29636

CVE-2023-29636 is a cross-site scripting (XSS) vulnerability in ZHENFENG13 My-Blog. The root cause is that the title field on the blog management page is not sanitized with MyBlogUtils.cleanString, enabling arbitrary script/HTML injection. Reported details are corroborated by multiple sources (NV...

5.4CVSS5.3AI score0.00414EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2023/05/01 12:0 a.m.37 views

CVE-2023-29639

CVE-2023-29639 describes a cross-site scripting (XSS) vulnerability in ZHENFENG13 My-Blog. The root cause is that the default configuration does not use MyBlogUtils.cleanString, allowing an attacker to inject arbitrary script/HTML when editing a blog article. Impact is reflected as potential scri...

5.4CVSS5.3AI score0.00364EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2023/04/07 9:15 a.m.15 views

CVE-2023-1937

A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attac...

5CVSS4.6AI score0.0033EPSS
Exploits1References3
Prion
Prionadded 2023/04/07 9:15 a.m.20 views

Cross site request forgery (csrf)

A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attac...

5CVSS4.8AI score0.0033EPSS
Exploits1References3
Cvelist
Cvelistadded 2023/04/07 8:31 a.m.21 views

CVE-2023-1937 zhenfeng13 My-Blog userInfo cross-site request forgery

A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attac...

5CVSS5AI score0.0033EPSS
Exploits1References3
CVE
CVEadded 2023/04/07 8:31 a.m.53 views

CVE-2023-1937

CVE-2023-1937 affects zhenfeng13 My-Blog. The issue is in an unknown function of the file /admin/configurations/userInfo, where manipulating parameters yourAvatar, yourName, or yourEmail leads to cross-site request forgery. It can be exploited remotely and a public exploit exists. The project use...

5CVSS4.6AI score0.0033EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2023/03/13 3:15 p.m.7 views

CVE-2023-27093

Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function...

6.1CVSS6.1AI score0.00363EPSS
Exploits1References1
Prion
Prionadded 2023/03/13 3:15 p.m.13 views

Cross site scripting

Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function...

5.8CVSS6.1AI score0.00363EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/03/13 12:0 a.m.5 views

CVE-2023-27093

Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function...

6.1AI score0.00363EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/03/13 12:0 a.m.14 views

CVE-2023-27093

Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function...

6.2AI score0.00363EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/03/13 12:0 a.m.2 views

PT-2023-20950 · Myblog · Myblog

Name of the Vulnerable Software and Affected Versions: My-Blog affected versions not specified Description: A Cross Site Scripting issue in My-Blog allows attackers to cause a denial of service via the Post function. Recommendations: At the moment, there is no information about a newer version th...

6.1CVSS6.7AI score0.00363EPSS
Exploits1References4
CVE
CVEadded 2023/03/13 12:0 a.m.34 views

CVE-2023-27093

CVE-2023-27093 affects the My-Blog application. The provided documents describe a Cross Site Scripting (XSS) vulnerability that allows attackers to cause a denial of service via the Post function. The NVD entry lists a MEDIUM base severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Exploit ...

6.1CVSS6.1AI score0.00363EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder