Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog cms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-1179
Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Appleple A-blog Cms
7.5
CVSSv2
CVE-2011-5140
Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote malicious users to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index.php, (d) main_index.php, (e) viewpost.php, (f) archive.php, (g) control/ap...
Diy-cms Blog 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-6552
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
Php Blog Cms 4.1.3
1 EDB exploit
4.3
CVSSv2
CVE-2019-6033
Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Appleple A-blog Cms
4.3
CVSSv2
CVE-2019-6034
a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be executed in the context of the application due to unspecified vectors.
Appleple A-blog Cms
6.8
CVSSv2
CVE-2022-21142
Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated mal...
Appleple A-blog Cms
NA
CVE-2023-39650
Theme Volty CMS Blog up to version v4.0.1 exists to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single.
Themevolty Theme Volty Cms Blog
NA
CVE-2023-27846
SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote malicious user to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, t...
Themevolty Theme Volty Cms Blog
6.8
CVSSv2
CVE-2006-6035
Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the FADDR parameter.
F-art Agency Blog Cms
1 EDB exploit
7.5
CVSSv2
CVE-2006-3364
SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS prior to 4.1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
F-art Agency Blog Cms
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »