Lucene search
Perfreeblog Security Vulnerabilities - 2023
cve
An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file.
9.8CVSS
9.4AI Score
0.002EPSS
2023-03-15 03:15 AM
24
cve
Cross Site Scripting (XSS) vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function.
5.4CVSS
5.5AI Score
0.001EPSS
2023-05-01 04:15 PM
15
cve
An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file.
9.8CVSS
9.5AI Score
0.003EPSS
2023-05-18 07:15 PM
28
cve
An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list.
7.2CVSS
7.2AI Score
0.002EPSS
2023-08-28 10:15 PM
13