9 matches found
EUVD-2025-29651
Malicious code in bioql PyPI...
EUVD-2024-26478
Malicious code in bioql PyPI...
PT-2025-38071
Name of the Vulnerable Software and Affected Versions: zhangyd-c OneBlog version 2.3.9 Description: The /api/comment endpoint in zhangyd-c OneBlog is susceptible to a denial-of-service issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for thi...
CVE-2024-29471
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module...
CVE-2024-29470
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component rootpath/links...
CVE-2022-34013
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module...
CVE-2025-2835
A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic. Affected by this vulnerability is the function autoLink of the file com/zyd/blog/controller/RestApiController.java. The manipulation leads to server-side request forgery. The attack can be launched...
CVE-2024-54954
OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department...
CVE-2024-29470
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component rootpath/links...