Vulnerabilities (CVE)

Filtered by vendor My-blog Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-27093 1 My-blog Project 1 My-blog 2024-11-21 N/A 6.1 MEDIUM
Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post function.
CVE-2023-1937 1 My-blog Project 1 My-blog 2024-11-21 5.0 MEDIUM 4.3 MEDIUM
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-225264.