CVE-2026-1812

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812

A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...

CVE-2026-1812

The CVE-2026-1812 issue affects bolo-blog/bolo-solo up to version 2.6.4. The flaw is a path traversal in the importFromCnblogs() function of BackupService.java in the Filename Handler component, caused by manipulation of the File argument. This allows remote exploitation and has had its exploit d...

PT-2026-6064

Name of the Vulnerable Software and Affected Versions bolo-blog bolo-solo versions up to 2.6.4 Description A path traversal issue exists due to the manipulation of the File argument within the importFromCnblogs function located in the src/main/java/org/b3log/solo/bolo/prop/BackupService.java file...

bolo-solo 路径遍历漏洞

Bolo-Solo is a blog system developed under the open source Bolo-Blog project. Versions of Bolo-Solo 2.6.4 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the improper handling of parameters File in the importFromCnblogs function in the file...