Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-0359
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) admin.php or (2) index.php in photo/.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
7.5
CVSSv2
CVE-2008-0360
Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/index.php.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
7.5
CVSSv2
CVE-2008-0677
SQL injection vulnerability in blog.php in A-Blog 2 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a news action.
A-blog A-blog 2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5092
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote malicious users to execute arbitrary PHP code via a URL in the navigation_start parameter.
A-blog A-blog 2
1 EDB exploit
4.3
CVSSv2
CVE-2022-27174
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and previous versions allows a remote unauthenticated malicious user to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.
Easy Blog Project Easy Blog
NA
CVE-2022-4400
A vulnerability was found in zbl1996 FS-Blog and classified as problematic. This issue affects some unknown processing of the component Title Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerabi...
Fs-blog Project Fs-blog -
7.5
CVSSv2
CVE-2006-5383
SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the article parameter.
Def-blog Def-blog 1.0.1
1 EDB exploit
NA
CVE-2023-1937
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to...
My-blog Project My-blog -
6.8
CVSSv2
CVE-2006-2809
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors a...
Ar-blog Ar-blog 5.2
7.5
CVSSv2
CVE-2008-2671
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Dcfm Blog Dcfm Blog 0.9.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »