20 matches found
EUVD-2020-10910
Malware in sbrugna...
EUVD-2020-10909
Malware in sbrugna...
EUVD-2019-19127
Malware in sbrugna...
CVE-2020-18999
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'...
CVE-2020-18998
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'...
Blog_mini cross-site scripting vulnerability
Blogmini is an open source blogging system. blogmini version 1.0 has a cross-site scripting vulnerability, the vulnerability originates from the component /admin/custom/blog-plugin/add for parameters without effective validation and escaping, attackers use the vulnerability to execute arbitrary...
CVE-2020-18998
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'...
CVE-2020-18999
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'...
Cross site scripting
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'...
Cross site scripting
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'...
CVE-2020-18999
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'...
CVE-2020-18999
CVE-2020-18999 describes a Cross Site Scripting (XSS) vulnerability in Blog_mini v1.0 . The issue allows remote attackers to execute arbitrary code via the component /admin/submit-articles (specifically in the “Manage Submitted Posts” workflow). The connected sources corroborate the affected soft...
CVE-2020-18998
Cross Site Scripting XSS in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'...
CVE-2020-18998
CVE-2020-18998 affects Blog_mini v1.0 through the vulnerable path /admin/custom/blog-plugin/add where a cross-site scripting (XSS) flaw enables remote attackers to execute arbitrary code. This is supported by multiple sources (NVD/NVD-derived entries, CNVD, OSV, Red Hat advisory) describing the s...
Blog_mini 跨站脚本漏洞
Blogmini is an open source blogging system. blogmini version 1.0 has a cross-site scripting vulnerability, the vulnerability originates from the component /admin/custom/blog-plugin/add for parameters without effective validation and escaping, attackers use the vulnerability to execute arbitrary...
Cross site scripting
In Blogmini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails function, related to app/templates/articlecomments.html...
CVE-2019-9765
In Blogmini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails function, related to app/templates/articlecomments.html...
CVE-2019-9765
In Blogmini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails function, related to app/templates/articlecomments.html...
CVE-2019-9765
In Blogmini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails function, related to app/templates/articlecomments.html...
CVE-2019-9765
Blog_mini 1.0 is affected by an XSS vulnerability that arises when a comment reply author name is not properly sanitized in app/main/views.py articleDetails(), with the issue referencing app/templates/_article_comments.html. This could allow injected scripts via the author name field as part of a...