Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blog vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-27093
Cross Site Scripting vulnerability found in My-Blog allows malicious users to cause a denial of service via the Post function.
My-blog Project My-blog -
NA
CVE-2006-1893
Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Ar-blog Ar-blog 5.2
1 EDB exploit
NA
CVE-2008-2554
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
Bp Blog Bp Blog 6.0
1 EDB exploit
NA
CVE-2005-0802
Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 up to and including 1.1b allows remote malicious users to execute arbitrary web script or HTML via the search parameter.
Asp Press Acs Blog 1.0
Asp Press Acs Blog 1.1b
Asp Press Acs Blog 0.8
Asp Press Acs Blog 0.9
1 EDB exploit
NA
CVE-2006-1243
Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demo...
Alexander Palmo Simple Php Blog 0.4.6
Alexander Palmo Simple Php Blog 0.4.7
Alexander Palmo Simple Php Blog 0.4.0
Alexander Palmo Simple Php Blog 0.4.5
Alexander Palmo Simple Php Blog
1 EDB exploit
NA
CVE-2007-5272
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote malicious users to execute arbitrary SQL commands via the id parameter in a goster kat action.
Furkan Tastan Blog Furkan Tastan Blog
1 EDB exploit
6.1
CVSSv3
CVE-2021-26224
Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote malicious users to inject arbitrary web script or HTML via the search field to search.php.
Fantastic Blog Project Fantastic Blog 1.0
5.4
CVSSv3
CVE-2022-40034
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows malicious users to execute arbitrary code via the 'notifyInfo' parameter.
Javaweb Blog Project Javaweb Blog 1.0
8.8
CVSSv3
CVE-2022-40035
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing malicious users to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.
Blog-ssm Project Blog-ssm 1.0
6.5
CVSSv3
CVE-2022-40036
An issue exists in Rawchen blog-ssm v1.0 allows an malicious user to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.
Blog-ssm Project Blog-ssm 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »