Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2010-2436
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Anecms Anecms Blog
Anecms Anecms Blog 1.0
1 EDB exploit
435
VMScore
CVE-2010-2437
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
Anecms Anecms Blog 1.0
Anecms Anecms Blog
1 EDB exploit
445
VMScore
CVE-2005-4687
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote malicious users to misrepresent their IP address by sending a modified header.
F-art Agency Blog Cms 3.0
F-art Agency Blog Cms 3.1
F-art Agency Blog Cms 3.1.2
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
F-art Agency Blog Cms 3.1.3
F-art Agency Blog Cms 3.6.2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.3
Punbb Punbb 1.2.8
F-art Agency Blog Cms 4.0.0
F-art Agency Blog Cms 4.0.0a
F-art Agency Blog Cms 4.0.0b
F-art Agency Blog Cms 4.0.0c
F-art Agency Blog Cms 3.1.4
F-art Agency Blog Cms 3.6.4
F-art Agency Blog Cms 4.0.0d
Punbb Punbb 1.2.2
Punbb Punbb 1.2.9
NA
CVE-2022-35501
Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function.
Amasty Blog Pro 2.10.3
Amasty Blog Pro 2.10.4
1 Github repository
668
VMScore
CVE-2022-29659
Responsive Online Blog v1.0 exists to contain a SQL injection vulnerability via the id parameter at single.php.
Responsive Online Blog Project Responsive Online Blog 1.0
NA
CVE-2023-27034
PrestaShop jmsblog 2.5.5 exists to contain a SQL injection vulnerability.
Joommasters Jms Blog 2.5.5
Joommasters Jms Blog 2.5.6
1 Github repository
760
VMScore
CVE-2005-0854
betaparticle blog (bp blog), posisbly before version 4, allows remote malicious users to bypass authentication and (1) upload files via a direct request to upload.asp or (2) delete files via a direct request to myFiles.asp.
Betaparticle Betaparticle Blog 2.0
Betaparticle Betaparticle Blog 3.0
2 EDB exploits
505
VMScore
CVE-2005-0853
betaparticle blog (bp blog) stores the database under the web root, which allows remote malicious users to obtain sensitive information via a direct request to (1) dbBlogMX.mdb for versions prior to 3.0, or (2) Blog.mdb for versions 3.0 and later. NOTE: it was later reported that...
Betaparticle Betaparticle Blog 2.0
Betaparticle Betaparticle Blog 3.0
1 EDB exploit
383
VMScore
CVE-2020-20605
Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component.
Personal Blog Cms Project Personal Blog Cms 1.0
668
VMScore
CVE-2021-26231
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to category.php.
Fantastic Blog Cms Project Fantastic Blog Cms 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »