67 matches found
CVE-2026-6625 moxi624 Mogu Blog v2 Picture Storage Service LocalFileServiceImpl.java LocalFileServiceImpl.uploadPictureByUrl server-side request forgery
A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogupicture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the component Picture...
CVE-2026-6609
A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function formvalid of the file oauth/views.py. This manipulation of the argument oauthid causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2026-6610
A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...
EUVD-2026-23712
A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/views.py of the component Clean Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made available to the...
CVE-2026-39632
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Blog grandblog allows Cross Site Request Forgery.This issue affects Grand Blog: from n/a through = 3.1...
CVE-2026-4616 bolo-blog Article Title article cross site scripting
A security flaw has been discovered in bolo-blog up to 2.6.4. The affected element is an unknown function of the file /console/article/ of the component Article Title Handler. Performing a manipulation of the argument articleTitle results in cross site scripting. It is possible to initiate the...
PT-2025-48416
Name of the Vulnerable Software and Affected Versions moxi159753 Mogu Blog versions up to 5.2 Description A flaw exists in the Storage Management Endpoint component of moxi159753 Mogu Blog. The issue involves unauthorized processing of the /storage/ file, leading to a missing authorization check...
CVE-2025-60354
Unauthorized modification of arbitrary articles vulnerability exists in blog-vue-springboot...
EUVD-2006-0340
Malware in sbrugna...
EUVD-2009-0329
Malware in sbrugna...
EUVD-2010-4881
Malware in sbrugna...
EUVD-2005-1139
Malware in sbrugna...
EUVD-2017-9091
Malware in sbrugna...
EUVD-2009-4867
Malware in sbrugna...
EUVD-2007-1439
Malware in sbrugna...
EUVD-2025-28813
Malicious code in bioql PyPI...
EUVD-2024-45576
Malicious code in bioql PyPI...
EUVD-2025-6665
Malicious code in bioql PyPI...
PT-2025-36511
Name of the Vulnerable Software and Affected Versions: XWiki versions prior to 9.14 Description: The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Prior to version 9.14, the blog application allowed remote code execution for any logged-in user with edi...
CVE-2025-9151
A security flaw has been discovered in LiuYuYang01 ThriveX-Blog up to 3.1.7. Affected by this vulnerability is the function updateJsonValueByName of the file /webconfig/json/name/web. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The...