Exposição de a-blog cms

CMS

15

score de exposição

955

sites usam

0

em exploração

1

críticos

CVEs

21 resultados

CVE-2022-21142—Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.EPSS 1.5%CVE-2022-23810—Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versEPSS 1.1%CVE-2024-23180HIGHImproper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3EPSS 0.9%CVE-2022-24374—Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.4EPSS 0.9%CVE-2024-27279MEDIUMDirectory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.EPSS 0.8%CVE-2019-6033—Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8EPSS 0.8%CVE-2024-23182HIGHRelative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0EPSS 0.7%CVE-2022-23916—Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.4EPSS 0.7%CVE-2024-31394MEDIUMDirectory traversal vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to VerEPSS 0.7%CVE-2024-23348HIGHImproper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3EPSS 0.7%CVE-2019-6034—a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver.2.9.x), and Ver.2.8.64 (Ver.2.8.x) allows arbitrary scripts to be exeEPSS 0.7%CVE-2024-25559MEDIUMURL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to Ver.3.1.8. If an attacker sends a specially crafted request, the administrator EPSS 0.4%CVE-2025-36560CRITICALServer-side request forgery vulnerability exists in a-blog cms multiple versions. If this vulnerability is exploited, a remote unauthenticatEPSS 0.4%CVE-2025-27566MEDIUMPath traversal vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and versions prior to Ver. 3.0.47. This is an issue with insEPSS 0.4%CVE-2024-23181MEDIUMCross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29EPSS 0.4%CVE-2024-23183MEDIUMCross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29EPSS 0.4%CVE-2025-41429LOWa-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remote unauthenticated atEPSS 0.4%CVE-2024-31395MEDIUMCross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to VeEPSS 0.3%CVE-2024-23782MEDIUMCross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to VerEPSS 0.3%CVE-2024-30419MEDIUMCross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to VeEPSS 0.2%

← anteriorpágina 1 / 2próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →