2 matches found
Z-Blog 1.5.1.1740 - Cross-Site Scripting
Z-Blog 1.5.1.1740 - Cross-Site Scripting Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...
CVE-2018-7736
In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZCBLOGSUBNAME parameter or ZCUPLOADFILETYPE parameter. NOTE: the software maintainer disputes that this is a vulnerability...