Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bludit vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2024-25297
Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15, allows remote malicious users to execute arbitrary code and obtain sensitive information via edit-content.php.
Bludit Bludit 3.15.0
7.8
CVSSv3
CVE-2023-24674
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local malicious users to escalate privileges via the role:admin parameter.
Bludit Bludit 4.0.0
4.8
CVSSv3
CVE-2023-24675
Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows malicious users to execute arbitrary code via the Categories Friendly URL.
Bludit Bludit 3.14.1
8.8
CVSSv3
CVE-2020-20210
Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images.
Bludit Bludit 3.9.2
5.4
CVSSv3
CVE-2023-34845
Bludit v3.14.1 exists to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users ...
Bludit Bludit 3.14.1
1 Github repository
5.4
CVSSv3
CVE-2023-31698
Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration).
Bludit Bludit 3.14.1
8.8
CVSSv3
CVE-2023-31572
An issue in Bludit 4.0.0-rc-2 allows authenticated malicious users to change the Administrator password and escalate privileges via a crafted request.
Bludit Bludit 4.0.0
7.2
CVSSv3
CVE-2020-19228
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows malicious users to upload arbitrary files.
Bludit Bludit 3.13.0
5.4
CVSSv3
CVE-2022-1590
A vulnerability was found in Bludit 3.13.1. It has been declared as problematic. This vulnerability affects the endpoint /admin/new-content of the New Content module. The manipulation of the argument content with the input <script>alert(1)</script> leads to cross site...
Bludit Bludit 3.13.1
5.4
CVSSv3
CVE-2021-45745
A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.
Bludit Bludit
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »