Vulnerabilities > Bludit > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-17 | CVE-2024-25297 | Cross-site Scripting vulnerability in Bludit 3.15.0: Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15 allows remote attackers to execute arbitrary code and obtain sensitive information via edit-content.php. | 4.8 |
2023-09-01 | CVE-2023-24675 | Cross-site Scripting vulnerability in Bludit 3.14.1: Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL. | 4.8 |
2023-06-16 | CVE-2023-34845 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.14.1: Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. | 5.4 |
2023-05-17 | CVE-2023-31698 | Cross-site Scripting vulnerability in Bludit 3.14.1: Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. | 5.4 |
2021-10-19 | CVE-2021-35323 | Cross-site Scripting vulnerability in Bludit 3.13.1: Cross Site Scripting (XSS) vulnerability exists in Bludit 3-13-1 via the username in admin/login. | 4.3 |
2021-09-01 | CVE-2020-20495 | Unspecified vulnerability in Bludit 3.13.0: Bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup` parameter. | 5.8 |
2021-07-23 | CVE-2021-25808 | Code Injection vulnerability in Bludit 3.13.1: A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file. | 6.8 |
2021-05-21 | CVE-2020-23765 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.12.0: A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. | 6.5 |
2020-10-02 | CVE-2020-18190 | Path Traversal vulnerability in Bludit 3.8.1: Bludit v3.8.1 is affected by directory traversal. | 6.4 |
2020-06-24 | CVE-2020-15026 | Path Traversal vulnerability in Bludit 3.12.0: Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. | 4.0 |