182 matches found
CVE-2025-8927 mtons mblog Verification Code send_code excessive authentication
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...
CVE-2025-8927
Summary (CVE-2025-8927) : A vulnerability exists in mtons mblog up to version 3.5.0 affecting the Verification Code Handler, specifically the file /email/send_code. Malicious manipulation of the email parameter can bypass restrictions on excessive authentication attempts. The issue can be exploit...
mblog 安全漏洞
mblog is a blogging system by langhsu individual developer. A security vulnerability exists in mblog 3.5.0 and earlier versions, which stems from an improper restriction of authentication attempts due to misuse of the parameter email in the file /email/sendcode...
PT-2025-33077 · Mtons · Mtons Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions up to 3.5.0 Description: A flaw exists in mtons mblog up to version 3.5.0 within the Verification Code Handler component, specifically in the /email/send code file. Manipulation of the email argument results in an imprope...
CVE-2024-28713
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature...
CVE-2024-13199
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can be launched remotel...
CVE-2024-13198
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2021-27280
OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected...
CVE-2024-13199
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can be launched remotel...
CVE-2024-13199
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can be launched remotel...
CVE-2024-13198
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2024-13198
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2024-13199 langhsu Mblog Blog System Search Bar search cross site scripting
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can be launched remotel...
CVE-2024-13199
CVE-2024-13199 affects langhsu Mblog Blog System 3.5.0. The vulnerability resides in the /search endpoint of the Search Bar component, where manipulating the kw argument triggers a cross-site scripting (XSS) vulnerability. The issue can be exploited remotely, and public disclosure has occurred. M...
CVE-2024-13199 langhsu Mblog Blog System Search Bar search cross site scripting
A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. The attack can be launched remotel...
CVE-2024-13198 langhsu Mblog Blog System login observable response discrepancy
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2024-13198 langhsu Mblog Blog System login observable response discrepancy
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2024-13198
CVE-2024-13198 affects langhsu Mblog Blog System 3.5.0. The vulnerability is in an unknown function of the file /login , causing an observable response discrepancy. It can be exploited remotely, with attack complexity described as high. Exploit has been disclosed publicly. Vendor response to disc...
mblog 安全漏洞
mblog is a blogging system by langhsu individual developer. A security vulnerability exists in mblog version 3.5.0, which stems from an unknown feature of file/login that causes significant response differences...
PT-2025-2056 · Unknown · Langhsu Mblog Blog System
Name of the Vulnerable Software and Affected Versions: langhsu Mblog Blog System version 3.5.0 Description: A problematic vulnerability has been found in the langhsu Mblog Blog System. The issue affects an unknown function of the file /login, leading to an observable response discrepancy. This ca...