Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10961

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00638EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25717

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00848EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/28 2:41 a.m.18 views

CVE-2025-5164

A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This vulnerability affects the function JwtUtil of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is...

8.1CVSS6.7AI score0.0062EPSS
Exploits1References1
NVD
NVD
added 2025/05/26 3:15 a.m.23 views

CVE-2025-5164

A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This vulnerability affects the function JwtUtil of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is...

8.1CVSS0.0062EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.6 views

PT-2025-22876 · Unknown · Perfreeblog

Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11 Description: A vulnerability has been found in the function JwtUtil of the component JWT Handler, which leads to the use of a hard-coded cryptographic key. The attack can be initiated remotely, and the complexity of...

8.1CVSS3.8AI score0.0062EPSS
Exploits1References9
NVD
NVD
added 2025/04/15 2:15 p.m.26 views

CVE-2025-29280

Stored cross-site scripting vulnerability exists in PerfreeBlog v4.0.11 in the website name field of the backend system settings interface allows an attacker to insert and execute arbitrary malicious code...

4.8CVSS0.00239EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/15 12:0 a.m.7 views

CVE-2025-29281

In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them...

7.7AI score0.00638EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/15 12:0 a.m.12 views

CVE-2025-29281

In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them...

0.00638EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.6 views

PT-2025-16341 · Unknown · Perfreeblog

Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11 Description: A stored cross-site scripting vulnerability exists in the website name field of the backend system settings interface, allowing an attacker to insert and execute arbitrary malicious code. Recommendation...

4.8CVSS5.9AI score0.00239EPSS
Exploits1References8
CVE
CVE
added 2025/04/15 12:0 a.m.58 views

CVE-2025-29280

CVE-2025-29280 is a stored cross-site scripting vulnerability in PerfreeBlog v4.0.11, occurring in the website name field of the backend system settings interface. The issue allows an attacker to insert and execute arbitrary malicious code. The CVSS 3.1 base metrics indicate a Medium severity (4....

4.8CVSS6.6AI score0.00239EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/15 12:0 a.m.8 views

CVE-2023-27757

An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file...

9.6AI score0.00935EPSS
Exploits1References1
Rows per page
Query Builder