Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bludit vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2020-19228
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows malicious users to upload arbitrary files.
Bludit Bludit 3.13.0
668
VMScore
CVE-2020-18879
Unrestricted File Upload in Bludit v3.8.1 allows remote malicious users to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'.
Bludit Bludit 3.8.1
659
VMScore
CVE-2019-16113
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.
Bludit Bludit 3.9.2
1 EDB exploit
12 Github repositories
605
VMScore
CVE-2021-25808
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows malicious users to execute arbitrary code via a crafted ZIP file.
Bludit Bludit 3.13.1
578
VMScore
CVE-2020-23765
A file upload vulnerability exists in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server.
Bludit Bludit 3.12.0
578
VMScore
CVE-2019-12742
Bludit before 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object Reference (a modified username POST parameter).
Bludit Bludit
578
VMScore
CVE-2019-12548
Bludit prior to 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.
Bludit Bludit
578
VMScore
CVE-2018-1000811
bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP cod...
Bludit Bludit 3.0.0
570
VMScore
CVE-2020-18190
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
Bludit Bludit 3.8.1
516
VMScore
CVE-2020-20495
bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter.
Bludit Bludit 3.13.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »