Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6035
Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the FADDR parameter.
F-art Agency Blog Cms
1 EDB exploit
NA
CVE-2006-3364
SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS prior to 4.1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
F-art Agency Blog Cms
1 EDB exploit
9.8
CVSSv3
CVE-2022-27047
mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation.
Moguit Mogu Blog Cms 5.2
9.8
CVSSv3
CVE-2017-15983
MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
Geniusocean Mymagazine Magazine & Blog Cms 1.0
1 EDB exploit
NA
CVE-2006-4748
Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote malicious users to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in (b) admin/plugins/NP_Po...
F-art Agency Blog Cms 4.1
9.8
CVSSv3
CVE-2022-28512
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters.
Fantastic Blog Project Fantastic Blog 1.0
1 Github repository
6.1
CVSSv3
CVE-2021-26224
Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote malicious users to inject arbitrary web script or HTML via the search field to search.php.
Fantastic Blog Project Fantastic Blog 1.0
NA
CVE-2006-6771
Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) GLOBALS[PTH][func] parameter in (a) scripts/gallery.scr.php; the (2) GLO...
Irokez Irokez Cms
2 EDB exploits
8.8
CVSSv3
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
4.8
CVSSv3
CVE-2018-19902
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.
No-cms Project No-cms 1.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »