Vulnerabilities > Forestblog Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-17	CVE-2023-6887	Unrestricted Upload of File with Dangerous Type vulnerability in Forestblog Project Forestblog 20190404/20220630 A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. network low complexity forestblog-project CWE-434 critical	9.8
2022-04-16	CVE-2022-29020	Cross-site Scripting vulnerability in Forestblog Project Forestblog 20190404 ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS during addition of a user avatar. network low complexity forestblog-project CWE-79	6.1
2022-01-25	CVE-2021-46034	Cross-site Scripting vulnerability in Forestblog Project Forestblog A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vulnerability that can be injected through the nickname input box. network low complexity forestblog-project CWE-79	6.1
2022-01-25	CVE-2021-46033	Unrestricted Upload of File with Dangerous Type vulnerability in Forestblog Project Forestblog In ForestBlog, as of 2021-12-28, File upload can bypass verification. network low complexity forestblog-project CWE-434 critical	9.8
2021-05-11	CVE-2020-18964	Cross-Site Request Forgery (CSRF) vulnerability in Forestblog Project Forestblog 20190404 Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges. network low complexity forestblog-project CWE-352	8.8

Vulnerabilities > Forestblog Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Forestblog Project"}]}