Lucene search
K

163 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-18403

Malware in sbrugna...

6.5CVSS6.6AI score0.00511EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-20766

Malware in sbrugna...

4.8CVSS5.1AI score0.00518EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-21557

Malware in sbrugna...

9.1CVSS9.2AI score0.0093EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52791

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00594EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43648

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01208EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:57 a.m.10 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

9.8CVSS7.7AI score0.00594EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:27 p.m.4 views

CVE-2022-40357

A security issue was discovered in Z-BlogPHP = 1.7.2. A Server-Side Request Forgery SSRF vulnerability in the zbusers/plugin/UEditor/php/actioncrawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter...

9.8CVSS9.1AI score0.01208EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:56 p.m.9 views

CVE-2020-18268

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zbsystem/cmd.php."...

6.1CVSS6.5AI score0.02687EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.8 views

CVE-2020-23352

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zbuser/plugin/passwordvisit/include.php:passwordvisitinputpassword uses loose comparison to authenticate, which can be bypassed via magic hash values...

7.5CVSS6.9AI score0.01074EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:23 p.m.6 views

CVE-2020-29176

An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers to execute arbitrary code via a crafted JPG file...

7.8CVSS7.8AI score0.00835EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:23 p.m.8 views

CVE-2020-29177

Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \appdel.php...

9.1CVSS7.5AI score0.0093EPSS
Exploits0
NVD
NVD
added 2025/01/06 6:15 p.m.19 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

9.8CVSS0.00594EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 6:15 p.m.2 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

9.8CVSS8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/06 12:0 a.m.7 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

7.7AI score0.00594EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/06 12:0 a.m.17 views

CVE-2024-55529

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...

0.00594EPSS
Exploits0References1
CVE
CVE
added 2025/01/06 12:0 a.m.70 views

CVE-2024-55529

CVE-2024-55529 affects Z-BlogPHP 1.7.3, with arbitrary code execution via the path zb_users\theme\shell\template. The issue is evidenced across multiple feeds (NVD/Red Hat/CNNVD/CVE.org), describing unauthenticated remote code execution (CVSS v3.1 score 9.8, vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:...

9.8CVSS7.8AI score0.00594EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2024/07/11 12:0 a.m.8 views

Z-BlogPHP cross-site scripting vulnerability (CNVD-2024-32984)

Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. Z-BlogPHP suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload...

6.1CVSS6.3AI score0.00683EPSS
Exploits1References1
NVD
NVD
added 2024/07/08 4:15 p.m.39 views

CVE-2024-39203

A cross-site scripting XSS vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS0.00683EPSS
Exploits1References1
OSV
OSV
added 2024/07/08 4:15 p.m.22 views

CVE-2024-39203

A cross-site scripting XSS vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS5.7AI score0.00683EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/07/08 12:0 a.m.5 views

Z-BlogPHP 安全漏洞

Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. Z-BlogPHP suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload...

6.1CVSS5.9AI score0.00683EPSS
Exploits1References2
Rows per page
Query Builder