Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost ghost vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34448
Ghost prior to 5.82.0 allows CSV Injection during a member CSV export.
NA
CVE-2021-47490
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix memleak in ttm_transfered_destroy We need to cleanup the fences for ghost objects as well. Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214029 Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214...
NA
CVE-2024-34559
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a up to and including 1.4.0.
NA
CVE-2024-23724
Ghost up to and including 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that...
NA
CVE-2024-23725
Ghost prior to 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.
Ghost Ghost
NA
CVE-2023-40028
Ghost is an open source content management system. Versions before 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site admi...
Ghost Ghost
2 Github repositories
NA
CVE-2022-4537
The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.0.18. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restricti...
Wpplugins Hide My Wp Ghost
NA
CVE-2023-31133
Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fiel...
Ghost Ghost
NA
CVE-2023-32235
Ghost prior to 5.42.1 allows remote malicious users to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.
Ghost Ghost
1 Github repository
NA
CVE-2020-24736
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local malicious user to cause a denial of service via a crafted script.
Ghost Sqlite3 3.27.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »