Code-Projects Responsive Blog Site 注入漏洞

Code-Projects Responsive Blog Site is a responsive blog site from Code-Projects open source. An injection vulnerability exists in Code-Projects Responsive Blog Site version 1.0, which stems from an incorrect manipulation of the parameter ID in the file /single.php resulting in SQL injection...

Simple-Log Cross-Site Request Forgery Vulnerability (CNVD-2021-40777)

Simple-Log is an open source free blog system based on PHP+MySQL. A cross-site request forgery vulnerability exists in Simple-Log v1.6, which is caused by Simple-Log not adequately verifying that requests come from trusted users. The vulnerability can be exploited to gain privileges and execute...

Arbitrary Directory Deletion Vulnerability in Mile High PHP Open Source Blog System (CNVD-2020-59461)

MileageMi is a ThinkPHP open source blogging system. MileageMi PHP open source blog system has an arbitrary directory deletion vulnerability that can be exploited by attackers to delete directory files...

Li Lei's blog suffers from a file upload vulnerability (CNVD-2020-47302)

Li Lei blog is an open source PHP blog management system . Li Lei Blog has a file upload vulnerability that can be exploited by an attacker to gain control of the server...

Lee Lei's blog sh***_m***.php page suffers from SQL injection vulnerability

Li Lei blog is an open source PHP blog management system . Li Lei blog shm.php page SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

SQL Injection Vulnerability in Li Lei's Blog

Li Lei blog is an open source PHP blog management system . Li Lei Blog has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

Li Lei's blog suffers from SQL injection vulnerability (CNVD-2020-32567)

Li Lei blog is an open source PHP blog management system . Li Lei Blog has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

BlogEngine path traversal vulnerability (CNVD-2019-18836)

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments , custom themes and so on. A path traversal vulnerability exists in BlogEngine 3.3.7 and earlier versions. The vulnerability stems from the failure of a network system or product to properly filter special elemen...

Blogifier design flaws

Blogifier is a lightweight open source blog system written using ASP.NET Core . Blogifier 2.3 prior to 2019-05-11 fails to restrict the API properly, as shown by the lack of a check in the pathname for... The check shown in the...

Google Employees Help Thousands Of Open Source Projects Patch Critical ‘Mad Gadget Bug’

Last year Google employees took an initiative to help thousands of Open Source Projects patch a critical remote code execution vulnerability in a widely used Apache Commons Collections ACC library. Dubbed Operation Rosehub, the initiative was volunteered by some 50 Google employees, who utilized ...