CVE-2024-13192

ZeroWdd myblog 1.0 contains a cross-site scripting vulnerability in the update function of BlogController.java. The issue allows remote exploitation and the exploit has been publicly disclosed; multiple connected sources validate the CVE-2024-13192 details. No official patch/version is stated in ...

myblog 安全漏洞

myblog is a personal blog by the individual developer of ZeroWdd. A security vulnerability exists in version 1.0 of myblog, which stems from a feature update in file src/main/java/com/wdd/myblog/controller/admin/BlogController.java that can lead to cross-site scripting...

CVE-2024-13144

A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It...

Cross site scripting

nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogController.cs via Body or Full to Admin/News/NewsItemEdit/id Admin/Blog/BlogPostEdit/id. NOTE: the...

里程密博客系统 Application/Home/Controller/BlogController.class.php等两处SQL注入

No description provided by source...