Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bludit vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-34845
Bludit v3.14.1 exists to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users ...
Bludit Bludit 3.14.1
1 Github repository
8.8
CVSSv3
CVE-2018-1000811
bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP cod...
Bludit Bludit 3.0.0
9.1
CVSSv3
CVE-2020-20495
bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter.
Bludit Bludit 3.13.0
4.8
CVSSv3
CVE-2019-16334
In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636.
Bludit Bludit 3.9.2
6.1
CVSSv3
CVE-2021-35323
Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login.
Bludit Bludit 3.13.1
8.8
CVSSv3
CVE-2019-16113
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.
Bludit Bludit 3.9.2
1 EDB exploit
12 Github repositories
4.3
CVSSv3
CVE-2020-8811
ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures.
Bludit Bludit 3.10.0
5.4
CVSSv3
CVE-2020-8812
Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug.
Bludit Bludit 3.10.0
5.4
CVSSv3
CVE-2022-1590
A vulnerability was found in Bludit 3.13.1. It has been declared as problematic. This vulnerability affects the endpoint /admin/new-content of the New Content module. The manipulation of the argument content with the input <script>alert(1)</script> leads to cross site...
Bludit Bludit 3.13.1
9.1
CVSSv3
CVE-2020-18190
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
Bludit Bludit 3.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3