Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0677
SQL injection vulnerability in blog.php in A-Blog 2 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a news action.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2008-0676
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote malicious users to inject arbitrary web script or HTML via the words parameter.
A-blog A-blog 2
1 EDB exploit
NA
CVE-2008-3306
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained ...
Youtube Blog Youtube Blog 0.1
1 EDB exploit
NA
CVE-2008-3307
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306.
Youtube Blog Youtube Blog 0.1
1 EDB exploit
NA
CVE-2006-1893
Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Ar-blog Ar-blog 5.2
1 EDB exploit
NA
CVE-2006-0333
Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php.
Ar-blog Ar-blog 5.2
4.3
CVSSv3
CVE-2022-27174
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and previous versions allows a remote unauthenticated malicious user to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.
Easy Blog Project Easy Blog
NA
CVE-2007-1471
admin/default.asp in Orion-Blog 2.0 allows remote malicious users to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp.
Orion-blog Orion-blog 2.0
1 EDB exploit
4.3
CVSSv3
CVE-2023-1937
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to...
My-blog Project My-blog -
9.8
CVSSv3
CVE-2017-15539
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
Zorovavi\\/blog Project Zorovavi\\/blog
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »