Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2021-27280
Disclosure Date: May 08, 2023 (last updated October 08, 2023)
OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected.
0
Attacker Value
Unknown
CVE-2021-46028
Disclosure Date: January 20, 2022 (last updated February 23, 2025)
In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, the article will be deleted.
0
Attacker Value
Unknown
CVE-2020-19618
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing.
0
Attacker Value
Unknown
CVE-2020-19619
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile.
0
Attacker Value
Unknown
CVE-2020-19617
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile.
0
Attacker Value
Unknown
CVE-2020-19616
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing.
0
