3 matches found
CVE-2025-9432 mtons mblog Admin Panel list cross site scripting
A vulnerability has been found in mtons mblog up to 3.5.0. The affected element is an unknown function of the file /admin/post/list of the component Admin Panel. Such manipulation of the argument Title leads to cross site scripting. The attack can be launched remotely. The exploit has been...
PT-2022-25569 · Unknown · Ndkadvancedcustomizationfields
Name of the Vulnerable Software and Affected Versions: NdkAdvancedCustomizationFields version 3.5.0 Description: A SQL injection issue in the height and width parameters allows unauthenticated attackers to exfiltrate database data. Recommendations: For NdkAdvancedCustomizationFields version 3.5.0...
JVN#13415512: Cybozu Garoon vulnerable to SQL injection
Cybozu Garoon provided by Cybozu, Inc. contains an SQL injection vulnerability CWE-89 in application "Notifications". Impact A remote authenticated attacker may execute an arbitrary SQL command. Solution Update the Software Update to the latest version according to the information provided by the...