12 matches found
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
Linux Distros Unpatched Vulnerability : CVE-2017-17091
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attacker...
CVE-2020-18194
Cross Site Scripting XSS in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post...
Emlog 跨站脚本漏洞
emlog is a PHP and MySQL based blog and CMS builder. A cross-site scripting vulnerability exists in emlog version 6.0.0. The vulnerability can be exploited to execute arbitrary code by adding a specially crafted script as a link to a new blog post...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2019-16661
Ogma CMS 0.5 has XSS via creation of a new blog...
Happy 15th Birthday TaoSecurity Blog
Today, 8 January 2018, is the 15th birthday of TaoSecurity Blog! This is also my 3,020th blog post. I wrote my first post on 8 January 2003 while working as an incident response consultant for Foundstone. I don't believe I've released statistics for the blog before, so here are a few. Blogger...
New home for the Security Group blog
News New home for the Security Group blog Share October 31st, 2013 Welcome to the new home of the Opera Security Group. We have changed our blogging platform. For more more information regarding the switch, please see this post. If you received this blog post in your feed reader, you do not need ...
CVE-2010-2697
Cross-site scripting XSS vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to editblog/index.php. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to editblog/index.php. NOTE: some of these details are obtained from third party information...
youtube.txt
Youtube.com Homepage: http://www.youtube.com Affected files: Search box input Adding a new blog: - Blog name XSS Vuln with cookie disclosure via search box: Data isn't sanatized when using the search box. For PoC input: PoC link:...
Authentication flaw
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1...