CVE-2017-17948
Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request.
6.1CVSS
5.9AI Score
0.001EPSS
CVE-2017-17949
Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter.
6AI Score
CVE-2017-17950
Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
8.8CVSS
9.1AI Score