6 matches found
EUVD-2019-4330
Malware in sbrugna...
EUVD-2024-21968
Malicious code in bioql PyPI...
EUVD-2024-21971
Malicious code in bioql PyPI...
EUVD-2024-21970
Malicious code in bioql PyPI...
Bludit cross-site scripting vulnerability (CNVD-2021-22131)
Bludit is a simple, fast and secure flat file CMS. A stored cross-site scripting vulnerability exists in bl-kernel/ajax/logo-upload.php in Bludit 3.12.0. An attacker can exploit this vulnerability to inject arbitrary JavaScript and HTML code...
CVE-2019-12742
Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object Reference a modified username POST parameter...