3656 matches found
PT-2026-1113
Name of the Vulnerable Software and Affected Versions Emlog version 2.5.23 Description Emlog is a website building system. In version 2.5.23, administrators can configure controls that prevent users from editing or deleting their articles after they are published. No patched versions are currentl...
emlog 跨站请求伪造漏洞
emlog is emlog open source PHP and MySQL based CMS site building system. A cross-site request forgery vulnerability exists in emlog version 2.5.23. The vulnerability stems from a cross-site request forgery in the article creation function, which could lead to users being forced to publish...
PT-2026-1117
Name of the Vulnerable Software and Affected Versions Emlog version 2.5.23 Description Emlog version 2.5.23’s article creation functionality is susceptible to cross-site request forgery CSRF. This allows an attacker to force a user to post an article containing arbitrary content. When combined wi...
PT-2026-1118
Name of the Vulnerable Software and Affected Versions Emlog version 2.5.23 Description Emlog, an open source website building system, contains a stored cross-site scripting issue. The issue is present in the Resource media library function when publishing an article. The Resource media library...
phpok3w SQL注入漏洞
phpok3w is an article management system by the individual developer of sunbingzibo. A SQL injection vulnerability exists in phpok3w, which stems from incorrect manipulation of the parameter ID in the file show.php, which may lead to SQL injection...
CVE-2025-15014
A security flaw has been discovered in loganhong php loganSite up to c035fb5c3edd0b2a5e32fd4051cbbc9e61a31426. This affects an unknown function of the file /includes/articledetail.php of the component Article Handler. Performing manipulation of the argument ID results in sql injection. It is...
CVE-2025-15014
A security flaw has been discovered in loganhong php loganSite up to c035fb5c3edd0b2a5e32fd4051cbbc9e61a31426. This affects an unknown function of the file /includes/articledetail.php of the component Article Handler. Performing manipulation of the argument ID results in sql injection. It is...
CVE-2025-15014 loganhong php loganSite Article article_detail.php sql injection
A security flaw has been discovered in loganhong php loganSite up to c035fb5c3edd0b2a5e32fd4051cbbc9e61a31426. This affects an unknown function of the file /includes/articledetail.php of the component Article Handler. Performing manipulation of the argument ID results in sql injection. It is...
EUVD-2025-204699
A security flaw has been discovered in loganhong php loganSite up to c035fb5c3edd0b2a5e32fd4051cbbc9e61a31426. This affects an unknown function of the file /includes/articledetail.php of the component Article Handler. Performing manipulation of the argument ID results in sql injection. It is...
CVE-2025-15014 loganhong php loganSite Article article_detail.php sql injection
A security flaw has been discovered in loganhong php loganSite up to c035fb5c3edd0b2a5e32fd4051cbbc9e61a31426. This affects an unknown function of the file /includes/articledetail.php of the component Article Handler. Performing manipulation of the argument ID results in sql injection. It is...
CVE-2025-15014
CVE-2025-15014 affects loganhong php loganSite (Article Handler) via /includes/article_detail.php. The vulnerability arises from manipulating the ID argument, causing SQL injection against an unknown function/file component. Reports consistently describe remote exploitation potential and a rollin...
loganSite SQL注入漏洞
loganSite is a personal blog project by loganhong individual developer. loganSite has a SQL injection vulnerability that originates from the incorrect manipulation of the parameter ID in the file /includes/articledetail.php in the component Article Handler, which could lead to a SQL injection...
PT-2025-52633
Name of the Vulnerable Software and Affected Versions loganhong php loganSite affected versions not specified Description A security flaw exists in loganhong php loganSite. The issue affects an unknown function within the /includes/article detail.php file of the Article Handler component...
CVE-2023-53911
Textpattern CMS 4.8.8 contains a stored cross-site scripting vulnerability in the article excerpt field that allows authenticated users to inject malicious scripts. Attackers can insert JavaScript payloads into the excerpt, which will execute when the article is viewed by other users...
CVE-2023-53911
Textpattern CMS 4.8.8 contains a stored cross-site scripting vulnerability in the article excerpt field that allows authenticated users to inject malicious scripts. Attackers can insert JavaScript payloads into the excerpt, which will execute when the article is viewed by other users...
CVE-2023-53911
Textpattern CMS 4.8.8 contains a stored cross-site scripting vulnerability in the article excerpt field that allows authenticated users to inject malicious scripts. Attackers can insert JavaScript payloads into the excerpt, which will execute when the article is viewed by other users...
CVE-2023-53911
Summary: CVE-2023-53911 affects Textpattern CMS 4.8.8 with a stored XSS in the article excerpt field. Affected component: article excerpt handling (Textpattern CMS). Root cause / vector: authenticated users can inject JavaScript payloads into the excerpt, which executes when other users view the ...
CVE-2023-53911 Textpattern CMS 4.8.8 Authenticated Stored Cross-Site Scripting via Article Excerpt
Textpattern CMS 4.8.8 contains a stored cross-site scripting vulnerability in the article excerpt field that allows authenticated users to inject malicious scripts. Attackers can insert JavaScript payloads into the excerpt, which will execute when the article is viewed by other users...
CVE-2023-53911 Textpattern CMS 4.8.8 Authenticated Stored Cross-Site Scripting via Article Excerpt
Textpattern CMS 4.8.8 contains a stored cross-site scripting vulnerability in the article excerpt field that allows authenticated users to inject malicious scripts. Attackers can insert JavaScript payloads into the excerpt, which will execute when the article is viewed by other users...
Textpattern CMS 跨站脚本漏洞
Textpattern CMS is a Php-based content management system from the Textpattern team. A cross-site scripting vulnerability exists in Textpattern CMS version 4.8.8, which stems from improperly cleaned article summary fields and could lead to a stored cross-site scripting attack...