6 matches found
Z-Blog 1.5.1.1740 - Cross-Site Scripting
Z-Blog 1.5.1.1740 - Cross-Site Scripting Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...
Z-Blog 1.5.1.1740 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Exploit Author: zzw email protected Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...
Z-Blog 1.5.1.1740 Cross Site Scripting
Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS vulnerability than can attack the users. poc:...
Z-Blog 1.5.1.1740 - Cross-Site Scripting
Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS vulnerability than can attack the users. poc:...
CVE-2018-7736
In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZCBLOGSUBNAME parameter or ZCUPLOADFILETYPE parameter. NOTE: the software maintainer disputes that this is a vulnerability...
CVE-2018-7736
Z-BlogPHP 1.5.1.1740 has an XSS issue in cmd.php exploitable via ZC_BLOG_SUBNAME or ZC_UPLOAD_FILETYPE (observed payloads demonstrate client-side script injection). The CVE entry notes the maintainer disputes this as a vulnerability. Connected sources (Exploit-DB, 1337DAY, PacketStorm) describe w...