Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7850

Malware in sbrugna...

6.1CVSS6.3AI score0.00867EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-30589

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00555EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.5 views

CVE-2021-43682

thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...

6.1CVSS5.9AI score0.00555EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:33 a.m.4 views

CVE-2019-17494

laravel-bjyblog 6.1.1 has XSS via a crafted URL...

6.1CVSS5.8AI score0.00867EPSS
Exploits1References1
NVD
NVD
added 2021/12/02 2:15 p.m.10 views

CVE-2021-43682

thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...

6.1CVSS0.00555EPSS
Exploits1References1
Prion
Prion
added 2021/12/02 2:15 p.m.16 views

Cross site scripting

thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...

4.3CVSS6AI score0.00555EPSS
Exploits1References1
CVE
CVE
added 2021/12/02 1:37 p.m.42 views

CVE-2021-43682

CVE-2021-43682 affects thinkphp-bjyblog and is caused by an XSS issue in AdminBaseController.class.php due to insufficient input filtering. The exit function can print a message containing $_SERVER['HTTP_HOST'], potentially exposing server information or enabling crafted payloads to reflect data....

6.1CVSS5.9AI score0.00555EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/02 1:37 p.m.20 views

CVE-2021-43682

thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...

6.1AI score0.00555EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/12/02 12:0 a.m.4 views

Thinkphp-Bjyblog 跨站脚本漏洞

Thinkphp-Bjyblog is an open source blog based on ThinkPhp developed by Baijunyao, an individual developer in China. A cross-site scripting vulnerability exists in Thinkphp-Bjyblog because the exit function in the product AdminBaseController.class.php file does not effectively filter input data. T...

6.1CVSS5.9AI score0.00555EPSS
Exploits1References2
Veracode
Veracode
added 2019/10/14 3:5 a.m.19 views

Cross-Site Scripting (XSS)

baijunyao/laravel-bjyblog is vulnerable to cross-site scripting XSS. The vulnerability exists as the value of url as used in app/Models/Site.php is not sanitized...

6.1CVSS1.2AI score0.00867EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2019/10/12 12:0 a.m.1 views

laravel-bjyblog cross-site scripting vulnerability

laravel-bjyblog is an open source personal blog system. A cross-site scripting vulnerability exists in laravel-bjyblog version 6.1.1, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited by an attacker to execute client-side code...

6.1CVSS6.4AI score0.00867EPSS
Exploits1References1
NVD
NVD
added 2019/10/10 9:15 p.m.13 views

CVE-2019-17494

laravel-bjyblog 6.1.1 has XSS via a crafted URL...

6.1CVSS6AI score0.00867EPSS
Exploits1References1
OSV
OSV
added 2019/10/10 9:15 p.m.12 views

CVE-2019-17494

laravel-bjyblog 6.1.1 has XSS via a crafted URL...

6.1CVSS5.7AI score
Exploits0References1
Prion
Prion
added 2019/10/10 9:15 p.m.15 views

Design/Logic Flaw

laravel-bjyblog 6.1.1 has XSS via a crafted URL...

4.3CVSS5.9AI score0.00867EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/10/10 8:16 p.m.108 views

CVE-2019-17494

The CVE-2019-17494 entry concerns laravel-bjyblog version 6.1.1, where cross-site scripting (XSS) is possible via a crafted URL. Multiple connected sources confirm the affected component as the Laravel-based blog system (laravel-bjyblog) and point to an XSS vulnerability stemming from insufficien...

6.1CVSS5.8AI score0.00867EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/10 8:16 p.m.15 views

CVE-2019-17494

laravel-bjyblog 6.1.1 has XSS via a crafted URL...

6AI score0.00867EPSS
Exploits1References1
Rows per page
Query Builder