Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bludit vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-8812
Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug.
Bludit Bludit 3.10.0
312
VMScore
CVE-2019-16334
In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636.
Bludit Bludit 3.9.2
312
VMScore
CVE-2017-16636
In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validation to trigger cross site scripting. The XSS is persistent and the request method t...
Bludit Bludit 2.0.1
Bludit Bludit 1.5.2
NA
CVE-2024-25297
Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15, allows remote malicious users to execute arbitrary code and obtain sensitive information via edit-content.php.
Bludit Bludit 3.15.0
NA
CVE-2023-24674
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local malicious users to escalate privileges via the role:admin parameter.
Bludit Bludit 4.0.0
NA
CVE-2023-24675
Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows malicious users to execute arbitrary code via the Categories Friendly URL.
Bludit Bludit 3.14.1
NA
CVE-2020-20210
Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images.
Bludit Bludit 3.9.2
NA
CVE-2023-34845
Bludit v3.14.1 exists to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users ...
Bludit Bludit 3.14.1
1 Github repository
NA
CVE-2023-31698
Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration).
Bludit Bludit 3.14.1
NA
CVE-2023-31572
An issue in Bludit 4.0.0-rc-2 allows authenticated malicious users to change the Administrator password and escalate privileges via a crafted request.
Bludit Bludit 4.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3