Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2006-2127
SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote malicious users to execute arbitrary SQL commands via the r parameter.
Blog Mod Blog Mod 0.2.4
Blog Mod Blog Mod 0.2.4b
Blog Mod Blog Mod 0.2.3
1 EDB exploit
NA
CVE-2023-2435
The Blog-in-Blog plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.1 via a shortcode attribute. This allows editor-level, and above, malicious users to include and execute arbitrary files on the server, allowing the execution of any ...
Blog-in-blog Project Blog-in-blog
NA
CVE-2023-2436
The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blog_in_blog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Blog-in-blog Project Blog-in-blog
4.3
CVSSv2
CVE-2006-0735
Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and previous versions, as used in products such as My Blog prior to 1.65, allows remote malicious users to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.
Fuzzymonkey My Blog 1.31
Fuzzymonkey My Blog 1.4
Fuzzymonkey My Blog 1.63
Fuzzymonkey My Blog 1.64
Fuzzymonkey My Blog 1.23
Fuzzymonkey My Blog 1.3
Fuzzymonkey My Blog 1.61
Fuzzymonkey My Blog 1.62
Fuzzymonkey My Blog 1.21
Fuzzymonkey My Blog 1.22
Fuzzymonkey My Blog 1.52
Fuzzymonkey My Blog 1.6
Fuzzymonkey My Blog 1.0
Fuzzymonkey My Blog 1.2
Fuzzymonkey My Blog 1.5
Fuzzymonkey My Blog 1.51
M Blom Html-bbcode 1.03
M Blom Html-bbcode 1.04
1 EDB exploit
7.5
CVSSv2
CVE-2006-6192
Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3.0 and previous versions do not properly perform authentication, which allows remote malicious users to add users and perform certain other unauthorized privileged actions. NOTE: The provenance of this informati...
8pixel.net Simple Blog 2.0
8pixel.net Simple Blog 2.1
8pixel.net Simple Blog 2.2
8pixel.net Simple Blog 2.3
8pixel.net Simple Blog 3.0
7.5
CVSSv2
CVE-2005-1288
inc_login_check.asp ACS Blog 0.8 up to and including 1.1.3 allows remote malicious users to gain administrator privileges via the "in" value in a cookie.
Asp Press Acs Blog 1.0.2
Asp Press Acs Blog 1.0.3
Asp Press Acs Blog 1.0
Asp Press Acs Blog 1.0.1
Asp Press Acs Blog 0.8
Asp Press Acs Blog 0.9
Asp Press Acs Blog 1.1.2
Asp Press Acs Blog 1.1b
Asp Press Acs Blog 1.1
Asp Press Acs Blog 1.1.1
7.5
CVSSv2
CVE-2006-6191
SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog 2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
8pixel.net Simple Blog
8pixel.net Simple Blog 2.1
8pixel.net Simple Blog 2.2
8pixel.net Simple Blog 2.0
1 EDB exploit
6.5
CVSSv2
CVE-2022-23626
m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions `imagecreatefrom*` and `image*` have not been checked properly. Although PHP issued warnings and the upload function returned `false`, the original file (that could contain a malicious payload...
Blog Project Blog
7.5
CVSSv2
CVE-2017-14345
SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php.
Blog Project Blog
7.5
CVSSv2
CVE-2017-14346
upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.
Blog Project Blog
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »