Filtered by vendor My-blog Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-27093 | 1 My-blog Project | 1 My-blog | 2024-11-21 | N/A | 6.1 MEDIUM |
Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function. | |||||
CVE-2023-1937 | 1 My-blog Project | 1 My-blog | 2024-11-21 | 5.0 MEDIUM | 4.3 MEDIUM |
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-225264. |