Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog project blog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2435
The Blog-in-Blog plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.1 via a shortcode attribute. This allows editor-level, and above, malicious users to include and execute arbitrary files on the server, allowing the execution of any ...
Blog-in-blog Project Blog-in-blog
NA
CVE-2023-29636
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows malicious users to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString.
Zhenfeng13 My-blog Project Zhenfeng13 My-blog -
NA
CVE-2023-29639
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows malicious users to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString.
Zhenfeng13 My-blog Project Zhenfeng13 My-blog -
NA
CVE-2023-2101
A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. Th...
Mogublog Project Mogublog
NA
CVE-2023-1937
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to...
My-blog Project My-blog -
NA
CVE-2023-27093
Cross Site Scripting vulnerability found in My-Blog allows malicious users to cause a denial of service via the Post function.
My-blog Project My-blog -
NA
CVE-2021-35290
File Upload vulnerability in balerocms-src 0.8.3 allows remote malicious users to run arbitrary code via rich text editor on /admin/main/mod-blog page.
Balero Cms Project Balero Cms 0.8.3
NA
CVE-2022-40036
An issue exists in Rawchen blog-ssm v1.0 allows an malicious user to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.
Blog-ssm Project Blog-ssm 1.0
NA
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows remote malicious user to escalate privileges and execute arbitrary commands via the component /upFile.
Javaweb Blog Project Javaweb Blog 1.0
NA
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing malicious users to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.
Blog-ssm Project Blog-ssm 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »