Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bludit bludit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25297
Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15, allows remote malicious users to execute arbitrary code and obtain sensitive information via edit-content.php.
Bludit Bludit 3.15.0
356
VMScore
CVE-2020-15026
Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php.
Bludit Bludit 3.12.0
NA
CVE-2023-31572
An issue in Bludit 4.0.0-rc-2 allows authenticated malicious users to change the Administrator password and escalate privileges via a crafted request.
Bludit Bludit 4.0.0
NA
CVE-2020-20210
Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images.
Bludit Bludit 3.9.2
NA
CVE-2023-24675
Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows malicious users to execute arbitrary code via the Categories Friendly URL.
Bludit Bludit 3.14.1
NA
CVE-2023-24674
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local malicious users to escalate privileges via the role:admin parameter.
Bludit Bludit 4.0.0
312
VMScore
CVE-2020-15006
Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php.
Bludit Bludit 3.12.0
312
VMScore
CVE-2020-13889
showAlert() in the administration panel in Bludit 3.12.0 allows XSS.
Bludit Bludit 3.12.0
3 Github repositories
605
VMScore
CVE-2021-25808
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows malicious users to execute arbitrary code via a crafted ZIP file.
Bludit Bludit 3.13.1
578
VMScore
CVE-2020-23765
A file upload vulnerability exists in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server.
Bludit Bludit 3.12.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »