124 matches found
PerfreeBlog 代码问题漏洞
PerfreeBlog is a java-based blog/CMS builder. A security vulnerability exists in Perfree PerfreeBlog version v.3.1.2, which originates from a vulnerability that allows remote attackers to execute arbitrary code via a crafted plugin listed in admin/plugin/access/list...
CVE-2023-40825
CVE-2023-40825 affects PerfreeBlog v3.1.2. A crafted plugin listed under admin/plugin/access/list enables a remote attacker to execute arbitrary code. The vulnerability originates from how plugins are loaded or validated in PerfreeBlog, allowing code execution with likely network access. Public r...
CVE-2023-40825
An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list...
CVE-2023-30333
An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2023-30333
An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2023-30333
An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2023-30333
An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file...
PT-2023-22640 · Unknown · Perfreeblog
Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 3.1.2 Description: An arbitrary file upload issue in the /admin/ThemeController.java component allows attackers to execute arbitrary code via a crafted file. Recommendations: For PerfreeBlog version 3.1.2, consider...
CVE-2023-30333
CVE-2023-30333 affects PerfreeBlog v3.1.2. The arbitrary file upload vulnerability is in the /admin/ThemeController.java component and can lead to remote code execution via a crafted file. CVSS v3.1 base score 9.8 (CRITICAL) with network access, no privileges, and no user interaction required. Do...
PerfreeBlog 代码问题漏洞
PerfreeBlog is a java-based blog/CMS builder. A security vulnerability exists in PerfreeBlog version v3.1.2, which stems from the presence of an arbitrary file upload vulnerability that allows an attacker to execute arbitrary code via a crafted file...
CVE-2023-29643
Cross Site Scripting XSS vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function...
CVE-2023-29643
Cross Site Scripting XSS vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function...
Cross site scripting
Cross Site Scripting XSS vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function...
PerfreeBlog 跨站脚本漏洞
PerfreeBlog is a java-based blog/CMS builder. A security vulnerability exists in PerfreeBlog version 3.1.2, which stems from a cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary code via the Post function...
CVE-2023-29643
Cross Site Scripting XSS vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function...
PT-2023-22351 · Unknown · Perfreeblog
Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 3.1.2 Description: The issue is a Cross Site Scripting XSS vulnerability that allows attackers to execute arbitrary code via the Post function. This enables attackers to potentially inject malicious scripts into the websit...
CVE-2023-29643
Cross Site Scripting XSS vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function...
CVE-2023-29643
PerfreeBlog 3.1.2 is affected by a Cross Site Scripting (XSS) vulnerability that allows arbitrary code execution via the Post function. The CVE records indicate an impact at low confidentiality and integrity, no availability impact, with CVSS v3.1 base score 5.4 (Network attack vector, low attack...
CVE-2023-27757
An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file...