CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...

5.4CVSS3.6AI score0.00048EPSS

Exploits1References1

NVD•added 2025/08/25 11:15 a.m.•1 views

CVE-2025-9407

5.4CVSS0.00048EPSS

Exploits1References4

OSV•added 2025/08/25 11:15 a.m.•1 views

CVE-2025-9407

5.4CVSS4AI score

Exploits0References4

Vulnrichment•added 2025/08/25 10:32 a.m.•1 views

CVE-2025-9407 mtons mblog profile cross site scripting

5.1CVSS6.4AI score0.00048EPSS

Exploits1References4

Cvelist•added 2025/08/25 10:32 a.m.•6 views

CVE-2025-9407 mtons mblog profile cross site scripting

5.1CVSS0.00048EPSS

Exploits1References4

CVE•added 2025/08/25 10:32 a.m.•12 views

CVE-2025-9407

CVE-2025-9407 affects mtons mblog up to version 3.5.0. The vulnerability lies in an unknown functionality of the file /settings/profile where manipulation of the signature parameter can trigger cross-site scripting. Exploitation is possible remotely. A fixed version is not present in the affected...

5.4CVSS3.7AI score0.00048EPSS

Exploits1References4Affected Software1

CNNVD•added 2025/08/25 12:0 a.m.•1 views

mblog 安全漏洞

mblog is a blogging system by langhsu individual developer. A security vulnerability exists in mblog 3.5.0 and earlier versions, which is caused by cross-site scripting in the signature parameter of file /settings/profile...

5.4CVSS4.4AI score0.00048EPSS

Exploits1References5

Positive Technologies•added 2025/08/25 12:0 a.m.•1 views

PT-2025-34605 · Mtons · Mtons Mblog

Name of the Vulnerable Software and Affected Versions: mtons mblog versions through 3.5.0 Description: A flaw has been found in mtons mblog. The vulnerability affects an unknown functionality of the file /settings/profile. Manipulation of the argument signature can lead to cross-site scripting. T...

5.4CVSS3.5AI score0.00048EPSS

Exploits1References8

OSV•added 2024/08/20 2:15 p.m.•9 views

CVE-2024-39094

Friendica 2024.03 is vulnerable to Cross Site Scripting XSS in settings/profile via the homepage, xmpp, and matrix parameters...

5.4CVSS6AI score

Exploits0References3

Positive Technologies•added 2024/08/20 12:0 a.m.•3 views

PT-2024-28348 · Friendica · Friendica

Name of the Vulnerable Software and Affected Versions: Friendica version 2024.03 Description: The issue is related to Cross Site Scripting XSS in the settings/profile section via the homepage, xmpp, and matrix parameters. This allows for potential malicious script execution. Recommendations: For...

5.4CVSS5.8AI score0.00355EPSS

Exploits1References8

CNVD•added 2021/04/02 12:0 a.m.•4 views

Mblog Cross-Site Scripting Vulnerability (CNVD-2021-26164)

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 cross-site scripting vulnerability , an attacker can /settings/profile of the signature field to exploit the vulnerability to inject arbitrary Web script or HTML...

5.4CVSS6.2AI score0.00185EPSS

Exploits1References1

NVD•added 2021/04/01 8:15 p.m.•9 views

CVE-2020-19619

Cross Site Scripting XSS vulnerability in mblog 3.5 via the signature field to /settings/profile...

5.4CVSS0.00185EPSS

Exploits1References1

NVD•added 2021/04/01 7:15 p.m.•7 views

CVE-2020-19617

Cross Site Scripting XSS vulnerability in mblog 3.5 via the nickname field to /settings/profile...

5.4CVSS0.00185EPSS

Exploits1References1