Vulnerabilities > Javaweb Blog Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-26	CVE-2022-40037	Unrestricted Upload of File with Dangerous Type vulnerability in Javaweb Blog Project Javaweb Blog 1.0 An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile. network low complexity javaweb-blog-project CWE-434 critical	9.8
2023-01-23	CVE-2022-40034	Cross-site Scripting vulnerability in Javaweb Blog Project Javaweb Blog 1.0 Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter. network low complexity javaweb-blog-project CWE-79	5.4

Vulnerabilities > Javaweb Blog Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Javaweb Blog Project"}]}