16 matches found
EUVD-2020-21557
Malware in sbrugna...
EUVD-2018-20752
Malware in sbrugna...
EUVD-2018-18592
Malware in sbrugna...
EUVD-2018-20501
Malware in sbrugna...
EUVD-2024-52791
Malicious code in bioql PyPI...
CVE-2024-55529
Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...
CVE-2020-29176
An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows attackers to execute arbitrary code via a crafted JPG file...
CVE-2020-29177
Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \appdel.php...
CVE-2024-55529
Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...
CVE-2024-55529
CVE-2024-55529 affects Z-BlogPHP 1.7.3, with arbitrary code execution via the path zb_users\theme\shell\template. The issue is evidenced across multiple feeds (NVD/Red Hat/CNNVD/CVE.org), describing unauthenticated remote code execution (CVSS v3.1 score 9.8, vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:...
CVE-2024-55529
Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zbusers\theme\shell\template...
Z-BlogPHP 跨站脚本漏洞
Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. A security vulnerability exists in Z-BlogPHP version v.1.0. A local attacker exploited the vulnerability to execute arbitrary code via a specially crafted payload in the title parameter of the module management model...
CVE-2022-40357
A security issue was discovered in Z-BlogPHP = 1.7.2. A Server-Side Request Forgery SSRF vulnerability in the zbusers/plugin/UEditor/php/actioncrawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter...
PT-2022-25359 · Z Blogphp · Z-Blogphp
Name of the Vulnerable Software and Affected Versions: Z-BlogPHP versions prior to 1.7.3 Description: A security issue was discovered that allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter, due to a Server-Side...
Arbitrary file deletion
Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file deletion vulnerability via \appdel.php...
Z-BlogPHP Information Disclosure Vulnerability (CNVD-2021-43494)
Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. An information disclosure vulnerability exists in Z-BlogPHP, which stems from a configuration error in Open Redirect in Z-BlogPHP v1.5.2 and earlier versions. The vulnerability can be exploited to obtain sensitive...