Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-27093
Cross Site Scripting vulnerability found in My-Blog allows malicious users to cause a denial of service via the Post function.
My-blog Project My-blog -
570
VMScore
CVE-2019-3494
Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter.
Simply-blog Project Simply-blog
760
VMScore
CVE-2006-4202
SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Spidey Blog Spidey Blog Script
2 EDB exploits
755
VMScore
CVE-2007-1471
admin/default.asp in Orion-Blog 2.0 allows remote malicious users to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp.
Orion-blog Orion-blog 2.0
1 EDB exploit
NA
CVE-2022-4400
A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerabi...
Fs-blog Project Fs-blog -
755
VMScore
CVE-2008-3306
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained ...
Youtube Blog Youtube Blog 0.1
1 EDB exploit
NA
CVE-2023-1937
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to...
My-blog Project My-blog -
383
VMScore
CVE-2022-27174
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and previous versions allows a remote unauthenticated malicious user to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.
Easy Blog Project Easy Blog
605
VMScore
CVE-2006-2809
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors a...
Ar-blog Ar-blog 5.2
755
VMScore
CVE-2008-3307
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306.
Youtube Blog Youtube Blog 0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »