CVE-2023-29636

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

EUVD-2023-33177

Malicious code in bioql PyPI...

EUVD-2025-24019

Malicious code in bioql PyPI...

EUVD-2025-10914

Malicious code in bioql PyPI...

EUVD-2025-24017

Malicious code in bioql PyPI...

EUVD-2023-33180

Malicious code in bioql PyPI...

CVE-2025-9101

A weakness has been identified in zhenfeng13 My-Blog up to 1.0.0. This issue affects some unknown processing of the file /admin/tags/save of the component Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the publi...

CVE-2025-9100

A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The...

CVE-2025-9100

A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The...

CVE-2025-9101

CVE-2025-9101 concerns zhenfeng13 My-Blog (

PT-2025-33629 · Zhenfeng13 · Myblog

Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog version 1.0.0 Description: A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The...

CVE-2025-8740

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to...

CVE-2025-8739

The CVE-2025-8739 issue affects zhenfeng13 My-Blog up to version 1.0.0. The vulnerability resides in the /admin/tags/save processing where manipulating the tagName parameter enables cross-site request forgery (CSRF). Impact is described as CSRF without details on confidentiality or integrity beyo...

PT-2025-32412 · Zhenfeng13 · Myblog

Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog versions up to 1.0.0 Description: A cross-site scripting issue exists in zhenfeng13 My-Blog up to version 1.0.0. The issue is related to the manipulation of the categoryName argument within an unknown function of the...

PT-2025-32411 · Myblog · Myblog

Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog versions up to 1.0.0 Description: A cross-site request forgery issue exists due to the manipulation of the tagName argument in the processing of the /admin/tags/save API endpoint. The attack can be initiated remotely. The...

CVE-2023-29639

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

CVE-2023-1937

A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attac...

CVE-2025-3808

A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple...

CVE-2025-3591

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/v1/blog/edit. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-3592

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/v1/link/edit. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...