Tale Blog Security Vulnerabilities

Tale Blog is a Java blog developed using the Tale Blog System, which is open-source. Version 2.0.5 of Tale Blog has a security vulnerability that can be exploited by cross-site scripting attacks...

Tale Blog 代码注入漏洞

Tale Blog is a Java blog open-sourced by Tale Blog System. A code injection vulnerability exists in Tale Blog version 2.0.5, which originates from cross-site scripting and could lead to remote attacks...

OneBlog Template Injection Vulnerability

OneBlog is a Java blog. OneBlog suffers from a template injection vulnerability, no details of the vulnerability are provided at this time...

OneBlog 安全漏洞

OneBlog is a Java blog. OneBlog suffers from a template injection vulnerability, no details of the vulnerability are provided at this time...

Mblog 安全漏洞

langhsu mblog is langhsu open source an application system . Open source Java blog system , support for multi-user , support for switching themes . Mblog v.3.5.0 version has a security vulnerability . Attackers use the vulnerability through a specially crafted file on the theme management functio...

OneBlog User Management Module Cross-Site Scripting Vulnerability

OneBlog is a Java blog. A cross-site scripting vulnerability exists in OneBlog v2.3.4, which stems from a lack of effective filtering and escaping of user-supplied data in the User Management module, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a...

OneBlog 安全漏洞

OneBlog is a Java blog. OneBlog suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data in the Role Management module, which can be exploited by an attacker to steal the victim's cookie-based authentication credentials...

OneBlog 安全漏洞

OneBlog is a Java blog. A cross-site scripting vulnerability exists in OneBlog v2.3.4, which stems from a lack of effective filtering and escaping of user-supplied data in the User Management module, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a...

PerfreeBlog 代码问题漏洞

PerfreeBlog is a java-based blog/CMS builder. A security vulnerability exists in Perfree PerfreeBlog version v.3.1.2, which originates from a vulnerability that allows remote attackers to execute arbitrary code via a crafted plugin listed in admin/plugin/access/list...

mblog 代码问题漏洞

langhsu mblog is langhsu open source an application system . Open source Java blog system , support for multi-user , support for switching themes . mblog version 3.5.0 security vulnerabilities , the vulnerability stems from the existence of operating system command injection vulnerability ,...

OneBlog 代码问题漏洞

OneBlog is a Java blog. version v2.3.4 of OneBlog contains a server-side request forgery vulnerability in which the source parameter entryUrls fails to properly validate user input and can be exploited to probe the server's intranet resources...

Oracle OpenJDK ECDSA Signatures Vulnerability (CVE-2022-21449)

Oracle OpenJDK is prone to vulnerability in the implementation of ECDSA signature verification Component: security-libs/java.security. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

ZrLog Cross-Site Scripting Vulnerability (CNVD-2021-46876)

ZrLog is a blog/CMS program developed in Java that is minimalist, easy to use, componentized, and has a low memory footprint. A cross-site scripting vulnerability exists in ZrLog version 2.1.0. The vulnerability can be exploited to conduct cross-site scripting attacks via the userName and email...

Logic flaw vulnerability in the backend of the mayday blog system

mayday blog system is based on springboot, mybatis, ehcache, thymeleaf, bootstrap to do the blog system , support markdown editor Java blog system . mayday blog system backend there is a logic flaw vulnerability. Attackers can use the vulnerability to bypass authentication and obtain sensitive...

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26119)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5.0 suffers from a cross-site scripting vulnerability. Attackers can use the /post/editing post header field to inject arbitrary Web script or HTML...

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26164)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 cross-site scripting vulnerability , an attacker can /settings/profile of the signature field to exploit the vulnerability to inject arbitrary Web script or HTML...

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26163)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 has a cross-site scripting vulnerability , the vulnerability stems from post editing via the post content field . An attacker can use this vulnerability to inject arbitrary Web script or HT...

Mblog open source Java blog system has XSS vulnerability

Mblog open source Java blog system , support for multiple users , support for switching themes and so on. Mblog open source Java blog system has an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...

XSS Vulnerability in OneBlog

OneBlog is a Java blog . Developed using springboot and Bootstrap on the front end. OneBlog has an XSS vulnerability that can be exploited by an attacker to obtain sensitive information such as user cookies...

Mblog open source Java blog system has a logic flaw vulnerability

Mblog is a Java language development , support for mysql/h2 database , using spring-boot, jpa, shiro, bootstrap and other popular frameworks for the development of open source free blog system . Mblog open source Java blog system has a logic flaw vulnerability , an attacker can use the...