181 matches found
CVE-2025-8740
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to...
CVE-2025-8740
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to...
CVE-2025-8739
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has...
CVE-2025-8739
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has...
CVE-2025-8740 zhenfeng13 My-Blog Category save cross site scripting
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to...
CVE-2025-8740 zhenfeng13 My-Blog Category save cross site scripting
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to...
CVE-2025-8739 zhenfeng13 My-Blog save cross-site request forgery
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has...
CVE-2025-8739 zhenfeng13 My-Blog save cross-site request forgery
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has...
CVE-2025-8739
The CVE-2025-8739 issue affects zhenfeng13 My-Blog up to version 1.0.0. The vulnerability resides in the /admin/tags/save processing where manipulating the tagName parameter enables cross-site request forgery (CSRF). Impact is described as CSRF without details on confidentiality or integrity beyo...
PT-2025-32411 · Myblog · Myblog
Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog versions up to 1.0.0 Description: A cross-site request forgery issue exists due to the manipulation of the tagName argument in the processing of the /admin/tags/save API endpoint. The attack can be initiated remotely. The...
My-Blog 代码注入漏洞
My-Blog is ZHENFENG13 individual developer by SpringBoot + Mybatis + Thymeleaf and other technologies to achieve the Java blog system, page beautiful, full-featured, easy to deploy and perfect code. A code injection vulnerability exists in My-Blog 1.0.0 and earlier versions, which stems from...
My-Blog 安全漏洞
My-Blog is ZHENFENG13 individual developer by SpringBoot + Mybatis + Thymeleaf and other technologies to achieve the Java blog system, page beautiful, full-featured, easy to deploy and perfect code. A security vulnerability exists in My-Blog 1.0.0 and earlier versions, which stems from a cross-si...
PT-2025-32412 · Zhenfeng13 · Myblog
Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog versions up to 1.0.0 Description: A cross-site scripting issue exists in zhenfeng13 My-Blog up to version 1.0.0. The issue is related to the manipulation of the categoryName argument within an unknown function of the...
CVE-2024-33907
Missing Authorization vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through = 3.26.2...
CVE-2024-13144
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It...
CVE-2024-13145
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. The attack...
CVE-2024-37271
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through = 3.27.0...
CVE-2023-29639
Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...
CVE-2023-27093
Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function...
CVE-2023-1937
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attac...