Vulnerabilities > Mblog Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-08	CVE-2021-27280	Unrestricted Upload of File with Dangerous Type vulnerability in Mblog Project Mblog 3.5.0 OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected. local low complexity mblog-project CWE-434	7.8
2022-01-20	CVE-2021-46028	Cross-Site Request Forgery (CSRF) vulnerability in Mblog Project Mblog In mblog <= 3.5.0 there is a CSRF vulnerability in the background article management. network mblog-project CWE-352	4.3
2021-04-01	CVE-2020-19619	Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0 Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signature field to /settings/profile. network mblog-project CWE-79	3.5
2021-04-01	CVE-2020-19618	Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0 Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post content field to /post/editing. network mblog-project CWE-79	3.5
2021-04-01	CVE-2020-19617	Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0 Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname field to /settings/profile. network mblog-project CWE-79	3.5
2021-04-01	CVE-2020-19616	Cross-site Scripting vulnerability in Mblog Project Mblog 3.5.0 Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post header field to /post/editing. network mblog-project CWE-79	3.5

Vulnerabilities > Mblog Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mblog Project"}]}