Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

17 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-19201

Malware in sbrugna...

7.2CVSS7AI score0.02203EPSS
Exploits1References3
OSV
OSVadded 2022/09/02 5:15 a.m.2 views

CVE-2022-37679

Miniblog.Core v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field...

4.8CVSS5.9AI score0.00397EPSS
Exploits1References1
CNNVD
CNNVDadded 2022/09/02 12:0 a.m.2 views

madskristensen Miniblog.Core 跨站脚本漏洞

madskristensen Miniblog.Core is a blogging engine built on ASP.NET Core. A security vulnerability exists in madskristensen Miniblog.Core v1.0, which allows attackers to execute arbitrary web script or HTML by injecting a crafted payload into the Excerpt field via the /blog/edit component...

4.8CVSS5.6AI score0.00397EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2022/09/02 12:0 a.m.3 views

PT-2022-24038 · Unknown · Miniblog.Core

Name of the Vulnerable Software and Affected Versions: Miniblog.Core version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field in the "/blog/edit" API endpoint. This enables the execution of malicious code on...

4.8CVSS5.4AI score0.00397EPSS
Exploits1References3
NVD
NVDadded 2019/06/14 8:29 p.m.14 views

CVE-2019-9842

madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in appcode/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension...

7.2CVSS7.3AI score0.02203EPSS
Exploits1References2
OSV
OSVadded 2019/04/16 6:29 p.m.1 views

CVE-2019-9845

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension...

9.8CVSS7.6AI score0.02527EPSS
Exploits1References2
CNVD
CNVDadded 2018/06/15 12:0 a.m.1 views

miniblog Unauthorized Access Vulnerability

miniblog is a blog system developed by php. miniblog has an unauthorized access vulnerability, attackers can exploit the vulnerability to directly log in to the background page to obtain administrator privileges...

6.8AI score
Exploits0References1
CNVD
CNVDadded 2016/10/10 12:0 a.m.2 views

miniblog Cross-Site Request Forgery Vulnerability

miniblog is a lightweight blog and news system for websites written in PHP and MySQL. A cross-site request forgery vulnerability exists in the admin.php page of miniblog version 1.0.1, which can be exploited by attackers to add, delete, and edit posts...

6.9AI score
Exploits0References1
0day.today
0day.todayadded 2016/10/09 12:0 a.m.19 views

miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)

Exploit for php platform in category web applications Exploit Title : miniblog 1.0.1 - Cross-Site Request Forgery Add New Post Author : Besim Google Dork : Date : 09/10/2016 Type : webapps Platform : PHP Vendor Homepage : http://www.spyka.net/scripts/php/miniblog Software link :...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2016/10/09 12:0 a.m.21 views

miniblog 1.0.1 Cross Site Request Forgery

Exploit Title : miniblog 1.0.1 - Cross-Site Request Forgery Add New Post Author : Besim Google Dork : Date : 09/10/2016 Type : webapps Platform : PHP Vendor Homepage : http://www.spyka.net/scripts/php/miniblog Software link : http://dl.spyka.co.uk/scripts/php/miniblog-1-0-1.zip Description admin...

0.7AI score
Exploits0
exploitpack
exploitpackadded 2016/10/09 12:0 a.m.9 views

miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)

miniblog 1.0.1 - Cross-Site Request Forgery Add New Post Exploit Title : miniblog 1.0.1 - Cross-Site Request Forgery Add New Post Author : Besim Google Dork : Date : 09/10/2016 Type : webapps Platform : PHP Vendor Homepage : http://www.spyka.net/scripts/php/miniblog Software link :...

0.5AI score
Exploits0
Exploit DB
Exploit DBadded 2016/10/09 12:0 a.m.31 views

miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)

Exploit Title : miniblog 1.0.1 - Cross-Site Request Forgery Add New Post Author : Besim Google Dork : Date : 09/10/2016 Type : webapps Platform : PHP Vendor Homepage : http://www.spyka.net/scripts/php/miniblog Software link : http://dl.spyka.co.uk/scripts/php/miniblog-1-0-1.zip Description admin...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2011/06/18 12:0 a.m.31 views

Miniblog 1.0.0 Cross Site Request Forgery / Cross Site Scripting

Vulnerability ID: HTB23008 Reference: http://www.htbridge.ch/advisory/multiplexssinminiblog.html Product: miniblog Vendor: spyka Web Group http://www.spyka.net Vulnerable Version: 1.0.0 and probably prior Tested on: 1.0.0 Vendor Notification: 25 May 2011 Vulnerability Type: XSS Cross Site Scripti...

0.4AI score
Exploits0
securityvulns
securityvulnsadded 2011/06/17 12:0 a.m.38 views

HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog

Vulnerability ID: HTB23008 Reference: http://www.htbridge.ch/advisory/multiplexssinminiblog.html Product: miniblog Vendor: spyka Web Group http://www.spyka.net Vulnerable Version: 1.0.0 and probably prior Tested on: 1.0.0 Vendor Notification: 25 May 2011 Vulnerability Type: XSS Cross Site Scripti...

0.3AI score
Exploits0
exploitpack
exploitpackadded 2011/06/15 12:0 a.m.14 views

miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities

miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/48281/info miniblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary...

Exploits0
Exploit DB
Exploit DBadded 2011/06/15 12:0 a.m.20 views

miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/48281/info miniblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
htbridge
htbridgeadded 2011/05/25 12:0 a.m.34 views

Multiple Vulnerabilities in miniblog

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in miniblog which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in miniblog 1.1 The vulnerability exists due to input sanitation error i...

5.1CVSS6.5AI score
Exploits0Affected Software1
Rows per page
Query Builder