Blog:cms Security Vulnerabilities and Issues — Blog:cms CVE List

Lucene search

BlogcmsBlog:cms

2 matches found

CVE•added 2011/03/01 10:0 p.m.•37 views

CVE-2010-4749

Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php.

4.3CVSS6AI score0.05284EPSS

CVE•added 2011/03/01 10:0 p.m.•32 views

CVE-2010-4750

Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote attackers to hijack the authentication of administrators.

6.8CVSS7.4AI score0.00197EPSS