EUVD-2017-1415

Malware in sbrugna...

EUVD-2022-31928

Malicious code in bioql PyPI...

CVE-2022-2740

A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiate...

CVE-2020-19002

Cross Site Scripting XSS in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than CVE-2018-16632...

CVE-2023-3689 Bylancer QuickQR GET Parameter blog sql injection

A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be launched remotely. The...

Bylancer QuickVCard SQL注入漏洞

Bylancer QuickVCard is a Digital Business Card SaaS PHP script from Bylancer. A SQL injection vulnerability exists in Bylancer QuickVCard version 2.1, which stems from some unknown handling of the file /blog in the component GET Parameter Handler, which leads to an sql injection via the parameter...

Bylancer QuickAI OpenAI SQL注入漏洞

Bylancer QuickAI OpenAI is an artificial intelligence writing assistant and content creator from Bylancer. Bylancer QuickAI OpenAI version 3.8.1 suffers from a SQL injection vulnerability that stems from the presence of unknown code in the file/blog in the component GET Parameter Handler, which...

Company Website CMS 代码问题漏洞

Company Website CMS is a company website/CMS by Torrahclef Individual Developer. Company Website CMS suffers from a code issue vulnerability that stems from an unrestricted upload due to the manipulation of the parameter ufile in an unknown portion of code in its add blog content component...

CVE-2022-27425

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting XSS vulnerability via the component /blog/blog.php...

CVE-2022-27425

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting XSS vulnerability via the component /blog/blog.php...

Serendipity blog component SQL injection vulnerability

Serendipity is a PHP-based blogging system. The system supports the creation of online diaries, blogs, web pages, etc. blog component is one of the blogging components. A SQL injection vulnerability exists in the blog component in Serendipity version 2.0.3. A remote attacker can exploit this...

Sql injection

Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure...

CVE-2010-1491

Directory traversal vulnerability in the MMS Blog commmsblog component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php...