Lucene search
+L

182 matches found

Cvelist
Cvelist
added 2021/04/01 7:1 p.m.24 views

CVE-2020-19618

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post content field to /post/editing...

5.3AI score0.00637EPSS
Exploits1References1
CVE
CVE
added 2021/04/01 6:59 p.m.69 views

CVE-2020-19617

CVE-2020-19617 affects mblog 3.5. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable via the nickname field in /settings/profile. The root cause is not explicitly detailed beyond the XSS description in the provided sources. Potential impact is XSS that could inject arbitrary scri...

5.4CVSS5.2AI score0.00603EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/01 6:59 p.m.18 views

CVE-2020-19617

Cross Site Scripting XSS vulnerability in mblog 3.5 via the nickname field to /settings/profile...

5.3AI score0.00603EPSS
Exploits1References1
CVE
CVE
added 2021/04/01 6:56 p.m.64 views

CVE-2020-19616

CVE-2020-19616 concerns a Cross-Site Scripting (XSS) vulnerability in the open-source Java blog system mblog, reported for version 3.5.0. The flaw is triggered via the post header field when editing a post, specifically through the /post/editing endpoint. The connected sources corroborate the iss...

5.4CVSS5.2AI score0.00603EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/01 6:56 p.m.15 views

CVE-2020-19616

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post header field to /post/editing...

5.3AI score0.00603EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/04/01 12:0 a.m.6 views

langhsu mblog 跨站脚本漏洞

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 has a cross-site scripting vulnerability , the vulnerability stems from post editing via the post content field . An attacker can use this vulnerability to inject arbitrary Web script or HT...

5.4CVSS5.5AI score0.00637EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/04/01 12:0 a.m.6 views

langhsu mblog 跨站脚本漏洞

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 has a cross-site scripting vulnerability that can be exploited to inject arbitrary Web script or HTML via the nickname field in /settings/profile...

5.4CVSS5.4AI score0.00603EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/04/01 12:0 a.m.5 views

langhsu mblog 跨站脚本漏洞

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 cross-site scripting vulnerability , an attacker can /settings/profile of the signature field to exploit the vulnerability to inject arbitrary Web script or HTML...

5.4CVSS5.4AI score0.00637EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/04/01 12:0 a.m.5 views

langhsu mblog 跨站脚本漏洞

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5.0 suffers from a cross-site scripting vulnerability. Attackers can use the /post/editing post header field to inject arbitrary Web script or HTML...

5.4CVSS5.3AI score0.00603EPSS
Exploits1References2
CNVD
CNVD
added 2021/02/11 12:0 a.m.2 views

Mblog open source Java blog system has XSS vulnerability

Mblog open source Java blog system , support for multiple users , support for switching themes and so on. Mblog open source Java blog system has an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...

5.9AI score
Exploits0
CNVD
CNVD
added 2020/11/30 12:0 a.m.4 views

Mblog open source Java blog system has a logic flaw vulnerability

Mblog is a Java language development , support for mysql/h2 database , using spring-boot, jpa, shiro, bootstrap and other popular frameworks for the development of open source free blog system . Mblog open source Java blog system has a logic flaw vulnerability , an attacker can use the...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/11/20 12:0 a.m.1 views

XSS Vulnerability in mblog Blog System

mblog is a Java language development , support for mysql/h2 database , using spring-boot, jpa, shiro, bootstrap and other popular frameworks for the development of open-source free blog system . mblog blog system has an XSS vulnerability , an attacker can exploit the vulnerability to obtain user...

6.2AI score
Exploits0
0day.today
0day.today
added 2010/11/22 12:0 a.m.21 views

mBlog Directory listing found Vulnerability

Exploit for php platform in category web applications =========================================== mBlog Directory listing found Vulnerability =========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 3 3 3 3 7 /' \ /'\ /'\ /\ \ /\ /\ \ 7 ...

7.1AI score
Exploits0
Prion
Prion
added 2007/12/28 9:46 p.m.17 views

Directory traversal

Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. dot dot in the page parameter in a page mode action...

6.4CVSS7.2AI score0.02361EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2007/12/28 9:46 p.m.17 views

CVE-2007-6582

Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. dot dot in the page parameter in a page mode action...

6.4CVSS6.6AI score0.02361EPSS
Exploits1References5
CVE
CVE
added 2007/12/28 9:0 p.m.41 views

CVE-2007-6582

CVE-2007-6582 : A directory traversal vulnerability in index.php of mBlog 1.2 allows remote attackers to read arbitrary files by supplying a .. sequence in the page parameter within a page mode action. This is tied to the vulnerable component/function (index.php, page mode) and enables partial co...

6.4CVSS6.7AI score0.02361EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/12/28 9:0 p.m.25 views

CVE-2007-6582

Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. dot dot in the page parameter in a page mode action...

6.6AI score0.02361EPSS
Exploits1References5
seebug.org
seebug.org
added 2007/12/24 12:0 a.m.23 views

mBlog 'index.php'本地文件包含漏洞

mBlog是一款基于PHP的WEB应用程序。 mBlog不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'index.php'脚本对用户提交的WEB参数缺少过滤,提交远程服务器上的任意文件作为包含对象,可导致以WEB权限执行任意PHP代码。 C97.net mBlog 1.2 目前没有解决方案提供: http://www.c97.net/product.php?p=mblog...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/12/22 12:0 a.m.12 views

mBlog 1.2 (page) Remote File Disclosure Vulnerability

No description provided by source. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : : : vuln.: mBlog 1.2 Remote File Disclosure Vulnerability : : script info and download: http://www.c97.net/dl/index.php?act=view&id=8 : : no dork for s-kiddie ; : : &nbsp...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/12/21 12:0 a.m.16 views

mBlog 1.2 (page) Remote File Disclosure Vulnerability

Exploit for unknown platform in category web applications ===================================================== mBlog 1.2 page Remote File Disclosure Vulnerability ===================================================== :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::...

7.1AI score
Exploits0
Rows per page
Query Builder