Lucene search
K

163 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10556

Malware in sbrugna...

8.8CVSS8.8AI score0.00815EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-18592

Malware in sbrugna...

5.3CVSS5.5AI score0.01472EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10112

Malware in sbrugna...

5.4CVSS5.6AI score0.00546EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52791

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00604EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43648

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01208EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:57 a.m.10 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

9.8CVSS7.7AI score0.00604EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:27 p.m.4 views

CVE-2022-40357

A security issue was discovered in Z-BlogPHP = 1.7.2. A Server-Side Request Forgery SSRF vulnerability in the zbusers/plugin/UEditor/php/actioncrawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter...

9.8CVSS9.1AI score0.01208EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:56 p.m.9 views

CVE-2020-18268

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zbsystem/cmd.php."...

6.1CVSS6.5AI score0.02687EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.9 views

CVE-2020-23352

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zbuser/plugin/passwordvisit/include.php:passwordvisitinputpassword uses loose comparison to authenticate, which can be bypassed via magic hash values...

7.5CVSS6.9AI score0.01074EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:23 p.m.6 views

CVE-2020-29176

An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers to execute arbitrary code via a crafted JPG file...

7.8CVSS7.8AI score0.00835EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:23 p.m.10 views

CVE-2020-29177

Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \appdel.php...

9.1CVSS7.5AI score0.0093EPSS
Exploits0
NVD
NVD
added 2025/01/06 6:15 p.m.21 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

9.8CVSS0.00604EPSS
Exploits0References1
CVE
CVE
added 2025/01/06 12:0 a.m.72 views

CVE-2024-55529

CVE-2024-55529 affects Z-BlogPHP 1.7.3, with arbitrary code execution via the path zb_users\theme\shell\template. The issue is evidenced across multiple feeds (NVD/Red Hat/CNNVD/CVE.org), describing unauthenticated remote code execution (CVSS v3.1 score 9.8, vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:...

9.8CVSS7.8AI score0.00604EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/06 12:0 a.m.9 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

7.7AI score0.00604EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/06 12:0 a.m.19 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

0.00604EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 12:0 a.m.2 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

9.8CVSS8AI score0.00604EPSS
Exploits0References3
CNVD
CNVD
added 2024/07/11 12:0 a.m.9 views

Z-BlogPHP cross-site scripting vulnerability (CNVD-2024-32984)

Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. Z-BlogPHP suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload...

6.1CVSS6.3AI score0.00683EPSS
Exploits1References1
NVD
NVD
added 2024/07/08 4:15 p.m.40 views

CVE-2024-39203

A cross-site scripting XSS vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS0.00683EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/08 12:0 a.m.16 views

CVE-2024-39203

A cross-site scripting XSS vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.8AI score0.00683EPSS
Exploits1References1
CVE
CVE
added 2024/07/08 12:0 a.m.69 views

CVE-2024-39203

The CVE-2024-39203 entry corresponds to a cross-site scripting (XSS) vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3. A crafted payload can execute arbitrary web scripts or HTML in the context of the affected web application. Documented impact indicates user interaction i...

6.1CVSS5.6AI score0.00683EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder