Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-0361
Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 Blog 8.01 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in an <a> tag in the comment parameter, which strips most tags but not <a>.
Bit 5 Blog Bit 5 Blog 8.01
1 EDB exploit
7.5
CVSSv2
CVE-2007-1445
SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 up to and including 7.0.2 allows remote malicious users to execute arbitrary SQL commands via the layout parameter.
Betaparticle Betaparticle Blog 7.0
Betaparticle Betaparticle Blog
1 EDB exploit
5
CVSSv2
CVE-2005-4687
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote malicious users to misrepresent their IP address by sending a modified header.
F-art Agency Blog Cms 3.0
F-art Agency Blog Cms 3.1
F-art Agency Blog Cms 3.1.2
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
F-art Agency Blog Cms 3.1.3
F-art Agency Blog Cms 3.6.2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.3
Punbb Punbb 1.2.8
F-art Agency Blog Cms 4.0.0
F-art Agency Blog Cms 4.0.0a
F-art Agency Blog Cms 4.0.0b
F-art Agency Blog Cms 4.0.0c
F-art Agency Blog Cms 3.1.4
F-art Agency Blog Cms 3.6.4
F-art Agency Blog Cms 4.0.0d
Punbb Punbb 1.2.2
Punbb Punbb 1.2.9
NA
CVE-2022-35501
Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function.
Amasty Blog Pro 2.10.3
Amasty Blog Pro 2.10.4
1 Github repository
7.5
CVSSv2
CVE-2022-29659
Responsive Online Blog v1.0 exists to contain a SQL injection vulnerability via the id parameter at single.php.
Responsive Online Blog Project Responsive Online Blog 1.0
NA
CVE-2023-27034
PrestaShop jmsblog 2.5.5 exists to contain a SQL injection vulnerability.
Joommasters Jms Blog 2.5.5
Joommasters Jms Blog 2.5.6
1 Github repository
4.3
CVSSv2
CVE-2020-20605
Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component.
Personal Blog Cms Project Personal Blog Cms 1.0
7.5
CVSSv2
CVE-2021-26231
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to category.php.
Fantastic Blog Cms Project Fantastic Blog Cms 1.0
5
CVSSv2
CVE-2005-0853
betaparticle blog (bp blog) stores the database under the web root, which allows remote malicious users to obtain sensitive information via a direct request to (1) dbBlogMX.mdb for versions prior to 3.0, or (2) Blog.mdb for versions 3.0 and later. NOTE: it was later reported that...
Betaparticle Betaparticle Blog 2.0
Betaparticle Betaparticle Blog 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-0854
betaparticle blog (bp blog), posisbly before version 4, allows remote malicious users to bypass authentication and (1) upload files via a direct request to upload.asp or (2) delete files via a direct request to myFiles.asp.
Betaparticle Betaparticle Blog 2.0
Betaparticle Betaparticle Blog 3.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »