177 matches found
bolo-solo 代码注入漏洞
Bolo-Solo is a blog system developed under the open source Bolo-Blog project. Version 2.6.4 of Bolo-Solo contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter articleTitle in the file /console/article/. It may lead to cross-site scripting attac...
bareiron 安全漏洞
Bareiron is a Minecraft game server developed by the P2R3 individual developer. Bareiron has a security vulnerability, which stems from excessive memory access. This vulnerability could allow unverified attackers to access sensitive information or cause denial-of-service attacks...
CVE-2026-1812
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
CVE-2026-1810
A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal...
CVE-2026-1813
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...
CVE-2026-1813
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...
CVE-2026-1813
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...
bolo-solo 代码问题漏洞
Bolo-Solo is a blog system developed under the open source Bolo-Blog project. Versions of Bolo-Solo 2.6.4 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of parameters by the FreeMarker Template Handler component in the file...
CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...
CVE-2026-1813
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...
CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...
CVE-2026-1813
The CVE-2026-1813 entry concerns bolo-blog bolo-solo up to version 2.6.4, involving the FreeMarker Template Handler. It identifies an issue in the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java where manipulation of the File argument enables unrestricted upload. This could all...
CVE-2026-1812
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
CVE-2026-1812
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
CVE-2026-1812
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
CVE-2026-1812 bolo-blog bolo-solo Filename BackupService.java importFromCnblogs path traversal
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
CVE-2026-1812 bolo-blog bolo-solo Filename BackupService.java importFromCnblogs path traversal
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to...
CVE-2026-1811
A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...
CVE-2026-1811 bolo-blog bolo-solo Filename BackupService.java importFromMarkdown path traversal
A flaw has been found in bolo-blog bolo-solo up to 2.6.4. This affects the function importFromMarkdown of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. Executing a manipulation of the argument File can lead to path traversal. The attack may ...
CVE-2026-1811
The CVE-2026-1811 entry concerns bolo-blog bolo-solo up to version 2.6.4. The vulnerability lies in the Filename Handler’s importFromMarkdown function (BackupService.java). Manipulating the File argument can trigger path traversal, with a remote attack vector. Public exploitation has been publish...