182 matches found
CVE-2025-9004
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
CVE-2025-9004
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
CVE-2025-9005 mtons mblog register information exposure
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...
CVE-2025-9005
The vulnerability CVE-2025-9005 affects mtons mblog up to version 3.5.0, where an unknown function in the /register endpoint can trigger information exposure via an error message. It can be exploited remotely; attack complexity is high and exploitation is not trivial. Public disclosure exists, wi...
CVE-2025-9005 mtons mblog register information exposure
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...
CVE-2025-9004 mtons mblog password excessive authentication
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
CVE-2025-9004
CVE-2025-9004 affects mtons mblog up to version 3.5.0 (and related advisories reference versions prior to 3.5.1). The issue stems from improper restriction of excessive authentication attempts when processing /settings/password, with potential remote initiation. Exploitation is described as diffi...
CVE-2025-9004 mtons mblog password excessive authentication
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
CVE-2025-8992
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8992
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8992 mtons mblog cross-site request forgery
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8992
Summary: CVE-2025-8992 affects mtons mblog up to version 3.5.0, with a cross-site request forgery (CSRF) flaw arising in an unknown functionality. The vulnerability can be exploited remotely and exploit details have been publicly disclosed. Multiple connected sources corroborate this issue (Red H...
CVE-2025-8992 mtons mblog cross-site request forgery
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...
mblog 安全漏洞
mblog is a blogging system by the individual developer langhsu. A security vulnerability exists in mblog 3.5.0 and earlier versions, which stems from an incorrect operation of the file /register that results in the disclosure of information via an error message...
mblog 安全漏洞
mblog is a blogging system by langhsu individual developer. A security vulnerability exists in mblog 3.5.0 and earlier versions, which stems from vulnerability to cross-site request forgery attacks...
mblog 安全漏洞
mblog is a blogging system by langhsu individual developers. A security vulnerability exists in mtons mblog 3.5.0 and earlier versions, which stems from an improperly restricted authentication attempt due to incorrect manipulation of the file /settings/password...
PT-2025-33424 · Mtons · Mtons Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions up to 3.5.0 Description: A cross-site request forgery issue exists in mtons mblog. The issue affects some unknown functionality and can be exploited remotely. The exploit has been publicly disclosed. Recommendations: Upda...
PT-2025-33435 · Mtons · Mtons Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions prior to 3.5.1 Description: A vulnerability was found in mtons mblog up to version 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of...
CVE-2025-8927
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...
CVE-2025-8927 mtons mblog Verification Code send_code excessive authentication
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...