Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.7 views

CVE-2020-13889

showAlert in the administration panel in Bludit 3.12.0 allows XSS...

5.4CVSS6.9AI score0.00857EPSS
Exploits2
NVD
NVD
added 2021/05/21 6:15 p.m.23 views

CVE-2020-23765

A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server...

7.2CVSS0.01102EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/28 12:0 a.m.6 views

Bludit cross-site scripting vulnerability (CNVD-2021-22131)

Bludit is a simple, fast and secure flat file CMS. A stored cross-site scripting vulnerability exists in bl-kernel/ajax/logo-upload.php in Bludit 3.12.0. An attacker can exploit this vulnerability to inject arbitrary JavaScript and HTML code...

5.4CVSS5.7AI score0.0051EPSS
Exploits1References1
OSV
OSV
added 2020/06/24 7:15 p.m.13 views

CVE-2020-15026

Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php...

4.9CVSS7AI score
Exploits0References1
NVD
NVD
added 2020/06/24 7:15 p.m.44 views

CVE-2020-15026

Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php...

4.9CVSS0.01299EPSS
Exploits1References1
Prion
Prion
added 2020/06/24 7:15 p.m.16 views

Directory traversal

Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php...

4CVSS5.3AI score0.01299EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/06/24 6:42 p.m.18 views

CVE-2020-15026

Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php...

5.3AI score0.01299EPSS
Exploits1References1
NVD
NVD
added 2020/06/24 11:15 a.m.14 views

CVE-2020-15006

Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php...

5.4CVSS0.0051EPSS
Exploits1References1
OSV
OSV
added 2020/06/24 11:15 a.m.21 views

CVE-2020-15006

Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php...

5.4CVSS5.6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/06/24 11:15 a.m.2 views

CVE-2020-15006

Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php...

5.4CVSS5.7AI score0.0051EPSS
Exploits1References2
OSV
OSV
added 2020/06/06 8:15 p.m.13 views

CVE-2020-13889

showAlert in the administration panel in Bludit 3.12.0 allows XSS...

5.4CVSS6.8AI score0.00857EPSS
Exploits2References1
Prion
Prion
added 2020/06/06 8:15 p.m.15 views

Cross site scripting

showAlert in the administration panel in Bludit 3.12.0 allows XSS...

3.5CVSS5.5AI score0.00857EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder