182 matches found
PT-2025-34725 · Unknown · Mtons Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions up to 3.5.0 Description: A vulnerability exists in mtons mblog up to version 3.5.0. The issue is located in an unknown function within the /admin/user/list file of the Admin Panel component. Manipulation of the Name...
PT-2025-34723 · Mblog · Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions prior to 3.5.1 Description: A flaw has been found in mtons mblog up to version 3.5.0. The issue affects an unknown function within the /search file. Manipulation of the kw argument causes cross-site scripting. The attack...
mblog 安全漏洞
mblog is a blog system by langhsu individual developer. A security vulnerability exists in mblog 3.5.0 and earlier versions, which originates from a cross-site scripting attack due to a misuse of the parameter Name in the file /admin/user/list...
CVE-2025-9429 mtons mblog Post submit cross site scripting
A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2025-9429 mtons mblog Post submit cross site scripting
A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2025-9429
CVE-2025-9429 affects mtons mblog up to 3.5.0. The vulnerability is in the Post Handler’s file path /post/submit, where manipulation of the content/title argument leads to cross-site scripting (XSS). The issue can be triggered remotely and the exploit has been publicly disclosed. Affected version...
CVE-2025-9407
A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...
CVE-2025-9407
A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...
CVE-2025-9407 mtons mblog profile cross site scripting
A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...
CVE-2025-9407 mtons mblog profile cross site scripting
A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...
CVE-2025-9407
CVE-2025-9407 affects mtons mblog up to version 3.5.0. The vulnerability lies in an unknown functionality of the file /settings/profile where manipulation of the signature parameter can trigger cross-site scripting. Exploitation is possible remotely. A fixed version is not present in the affected...
mblog 安全漏洞
mblog is a blogging system by langhsu individual developer. A security vulnerability exists in mblog 3.5.0 and earlier versions, which is caused by cross-site scripting in the signature parameter of file /settings/profile...
PT-2025-34605 · Mtons · Mtons Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions through 3.5.0 Description: A flaw has been found in mtons mblog. The vulnerability affects an unknown functionality of the file /settings/profile. Manipulation of the argument signature can lead to cross-site scripting. T...
PT-2025-34720 · Mtons · Mtons Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions prior to 3.5.1 Description: A security vulnerability has been detected in mtons mblog. The vulnerability affects unknown code within the /post/submit file of the Post Handler component. Manipulation of the content/title...
CVE-2025-9005
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...
CVE-2025-9004
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
CVE-2025-8992
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8927
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...
CVE-2025-9005
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...
CVE-2025-9004
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...