Lucene search
K

58 matches found

Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.10 views

PT-2026-41539

A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb system/function/c system event.php of the component Commend Approval Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/20 6:31 p.m.9 views

EUVD-2026-23876

A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zbusers/plugin/AppCentre/appupload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available an...

5.8CVSS5.4AI score0.00223EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/20 2:30 p.m.8 views

CVE-2026-6650 Z-BlogPHP ZBA File app_upload.php UnPack unrestricted upload

A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zbusers/plugin/AppCentre/appupload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available an...

5.8CVSS5.4AI score0.00223EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.7 views

PT-2026-33780

A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zb users/plugin/AppCentre/app upload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available...

5.8CVSS5.4AI score0.00223EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-3075

Malware in sbrugna...

7.8CVSS6.4AI score0.01464EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/06 12:0 a.m.9 views

Z-BlogPHP 安全漏洞

Z-BlogPHP is an open source PHP-based blogging system for the Z-Blog community. A security vulnerability exists in Z-BlogPHP version 1.7.3, which stems from vulnerability to arbitrary code attack via zbusers hemeshell emplate execution...

9.8CVSS7.3AI score0.00594EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.10 views

PT-2024-28385 · Z Blogphp · Z-Blogphp

Name of the Vulnerable Software and Affected Versions: Z-BlogPHP version 1.7.3 Description: A cross-site scripting XSS vulnerability in the Backend Theme Management module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For Z-BlogPHP version 1.7.3...

6.1CVSS6AI score0.00683EPSS
Exploits1References7
OSV
OSV
added 2021/12/02 11:15 p.m.4 views

CVE-2020-29177

Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \appdel.php...

9.1CVSS7.4AI score0.0093EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/27 12:0 a.m.6 views

Z-BlogPHP 安全漏洞

Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. A security vulnerability exists in Z-BlogPHP version 1.6.0, which stems from the passwordvisitinputpassword function in zbuser/plugin/passwordvisit/include.php that uses loose comparisons for authentication, which...

7.5CVSS7.1AI score0.01074EPSS
Exploits0References2
CNVD
CNVD
added 2019/10/28 12:0 a.m.2 views

File Upload Vulnerability in Z-Blog

Z-Blog is an open source program based on Asp and PHP platforms. Z-Blog has a file upload vulnerability that can be exploited by an attacker to gain control of the web server...

7.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2018/04/16 9:58 a.m.7 views

CVE-2018-9153

The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the appid parameter to zbusers/plugin/AppCentre/pluginedit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directl...

8.8CVSS6.1AI score0.01226EPSS
Exploits0References2
exploitpack
exploitpack
added 2018/04/05 12:0 a.m.41 views

Z-Blog 1.5.1.1740 - Cross-Site Scripting

Z-Blog 1.5.1.1740 - Cross-Site Scripting Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...

4.3CVSS6.1AI score0.03393EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/04/05 12:0 a.m.37 views

Z-Blog 1.5.1.1740 Full Path Disclosure

Exploit Title: Z-Blog 1.5.1.1740 Web Site physical path leakage Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7737 This is a WebSite physical path...

5CVSS5.8AI score0.08817EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.72 views

Z-Blog 1.5.1.1740 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Exploit Author: zzw email protected Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...

4.3CVSS0.2AI score0.03393EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/05 12:0 a.m.21 views

Z-Blog 1.5.1.1740 - Full Path Disclosure

Z-Blog 1.5.1.1740 - Full Path Disclosure Exploit Title: Z-Blog 1.5.1.1740 Web Site physical path leakage Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE :...

5CVSS5.4AI score0.08817EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/04/05 12:0 a.m.53 views

Z-Blog 1.5.1.1740 Cross Site Scripting

Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS vulnerability than can attack the users. poc:...

4.3CVSS6.4AI score0.03393EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.47 views

Z-Blog 1.5.1.1740 - Full Path Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Z-Blog 1.5.1.1740 Web Site physical path leakage Vulnerability Exploit Author: zzw email protected Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE :...

5CVSS0.08817EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/05 12:0 a.m.56 views

Z-Blog 1.5.1.1740 - Cross-Site Scripting

Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS vulnerability than can attack the users. poc:...

6.1CVSS6.3AI score0.03393EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/05 12:0 a.m.57 views

Z-Blog 1.5.1.1740 - Full Path Disclosure

Exploit Title: Z-Blog 1.5.1.1740 Web Site physical path leakage Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7737 This is a WebSite physical path...

5.3CVSS5.3AI score0.08817EPSS
Exploits5
OSV
OSV
added 2018/03/31 10:29 p.m.6 views

CVE-2018-8893

Z-BlogPHP 1.5.1 Zero has CSRF in pluginedit.php, resulting in the ability to execute arbitrary PHP code...

8.8CVSS6AI score0.00465EPSS
Exploits0References1
Rows per page
Query Builder