Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-28512
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters.
Fantastic Blog Project Fantastic Blog 1.0
1 Github repository
NA
CVE-2007-5272
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote malicious users to execute arbitrary SQL commands via the id parameter in a goster kat action.
Furkan Tastan Blog Furkan Tastan Blog
1 EDB exploit
NA
CVE-2006-0320
SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8.01 allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameter.
Bit 5 Blog Bit 5 Blog
1 EDB exploit
5.4
CVSSv3
CVE-2022-40034
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows malicious users to execute arbitrary code via the 'notifyInfo' parameter.
Javaweb Blog Project Javaweb Blog 1.0
8.8
CVSSv3
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing malicious users to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.
Blog-ssm Project Blog-ssm 1.0
9.8
CVSSv3
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows remote malicious user to escalate privileges and execute arbitrary commands via the component /upFile.
Javaweb Blog Project Javaweb Blog 1.0
NA
CVE-2004-1212
Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote malicious users to download arbitrary files via a .. (dot dot) in the file argument.
Blog Torrent Blog Torrent Preview 0.8
1 EDB exploit
NA
CVE-2007-3888
Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple Blog 0.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the search action, possibly related to the term parameter to index.php; or (2) an anonymous blog entry...
Insanely Simple Blog Insanely Simple Blog
1 EDB exploit
6.5
CVSSv3
CVE-2022-40036
An issue exists in Rawchen blog-ssm v1.0 allows an malicious user to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.
Blog-ssm Project Blog-ssm 1.0
6.1
CVSSv3
CVE-2020-18998
Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote malicious users to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.
Blog Mini Project Blog Mini 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »