Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-26231
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to category.php.
Fantastic Blog Cms Project Fantastic Blog Cms 1.0
6.1
CVSSv3
CVE-2020-20605
Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component.
Personal Blog Cms Project Personal Blog Cms 1.0
NA
CVE-2005-4687
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote malicious users to misrepresent their IP address by sending a modified header.
F-art Agency Blog Cms 3.0
F-art Agency Blog Cms 3.1
F-art Agency Blog Cms 3.1.2
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.2.6
Punbb Punbb 1.2.7
F-art Agency Blog Cms 3.1.3
F-art Agency Blog Cms 3.6.2
Punbb Punbb 1.2.1
Punbb Punbb 1.2.3
Punbb Punbb 1.2.8
F-art Agency Blog Cms 4.0.0
F-art Agency Blog Cms 4.0.0a
F-art Agency Blog Cms 4.0.0b
F-art Agency Blog Cms 4.0.0c
F-art Agency Blog Cms 3.1.4
F-art Agency Blog Cms 3.6.4
F-art Agency Blog Cms 4.0.0d
Punbb Punbb 1.2.2
Punbb Punbb 1.2.9
6.5
CVSSv3
CVE-2022-23810
Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series ...
Appleple A-blog Cms
Appleple A-blog Cms 3.0.0
6.1
CVSSv3
CVE-2022-23916
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to ...
Appleple A-blog Cms
Appleple A-blog Cms 3.0.0
4.8
CVSSv3
CVE-2022-2425
The WP DS Blog Map WordPress plugin up to and including 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in m...
Wp Ds Blog Map Project Wp Ds Blog Map
6.1
CVSSv3
CVE-2022-24374
Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to ...
Appleple A-blog Cms
Appleple A-blog Cms 3.0.0
5.4
CVSSv3
CVE-2018-16780
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment.
Complete Responsive Cms Blog Project Complete Responsive Cms Blog
NA
CVE-2006-2251
SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final up to and including 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
Invision Power Services Invision Community Blog 1.0
Invision Power Services Invision Community Blog 1.1
Invision Power Services Invision Community Blog 1.1.2 Final
Invision Power Services Invision Community Blog 1.2
9.8
CVSSv3
CVE-2018-17391
SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter.
Super Cms Blog Pro Project Super Cms Blog Pro 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »