Filtered by vendor Perfree
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40825 | 1 Perfree | 1 Perfreeblog | 2024-11-21 | N/A | 7.2 HIGH |
| An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list. | |||||
| CVE-2023-30333 | 1 Perfree | 1 Perfreeblog | 2024-11-21 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2023-29643 | 1 Perfree | 1 Perfreeblog | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function. | |||||
| CVE-2023-27757 | 1 Perfree | 1 Perfreeblog | 2024-11-21 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the /admin/user/uploadImg component of PerfreeBlog v3.1.1 allows attackers to execute arbitrary code via a crafted JPG file. | |||||