Ghost 跨站请求伪造漏洞

Ghost is a hosting service developed by the Ghost open-source project. Versions of Ghost from 5.101.6 to 6.19.2 contain a cross-site request forgeing vulnerability. This vulnerability stems from incomplete cross-site request forgeing protection in session verification, which could allow phishing...

Ghost 注入漏洞

Ghost is a hosting service developed by the Ghost open-source project. Versions of Ghost from 0.7.2 to 6.19.0 have a vulnerability related to injections. This vulnerability arises due to specially crafted malicious themes that may execute arbitrary code on the server...

Ghost SQL注入漏洞

Ghost is a hosting service developed by the Ghost open-source project. Versions of Ghost from 3.24.0 to 6.19.0 have SQL injection vulnerabilities. These vulnerabilities stem from unvalidated code, which may allow unauthorized attackers to execute arbitrary reads from the database...

Ghost cross-site scripting vulnerabilities

Ghost is a hosting service developed by the Ghost open-source project. Versions of Ghost from 5.43.0 to 5.12.04, as well as 6.0.0 to 6.14.0, have a cross-site scripting vulnerability. This vulnerability arises because specially crafted links may execute JavaScript, potentially leading to account...

Ghost 授权问题漏洞

Ghost is a hosting service of Ghost Open Source. An authorization issue vulnerability exists in Ghost versions 5.105.0 through 5.130.5 and 6.0.0 through 6.10.3, which stems from a flaw in Ghost's two-factor authentication mechanism that could cause a staff user to skip two-factor authentication f...

Ghost 安全漏洞

Ghost is a hosting service from Ghost Open Source. A security vulnerability exists in Ghost versions v4.46.0 through prior to v5.89.5 that stems from improper authentication and allows an attacker to perform member-only actions and read member information...