Vulnerabilities > Typecho
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-20 | CVE-2024-35540 | Cross-site Scripting vulnerability in Typecho A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 9.0 |
2023-12-08 | CVE-2023-6615 | Unspecified vulnerability in Typecho 1.2.1 A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. | 5.3 |
2023-12-08 | CVE-2023-6613 | Unspecified vulnerability in Typecho 1.2.1 A vulnerability classified as problematic has been found in Typecho 1.2.1. | 4.8 |
2023-12-08 | CVE-2023-6614 | Unspecified vulnerability in Typecho 1.2.1 A vulnerability classified as problematic was found in Typecho 1.2.1. | 2.7 |
2023-12-07 | CVE-2023-49967 | XML Entity Expansion vulnerability in Typecho 1.2.1 Typecho v1.2.1 was discovered to be vulnerable to an XML Quadratic Blowup attack via the component /index.php/action/xmlrpc. | 7.5 |
2023-08-03 | CVE-2023-36299 | Unrestricted Upload of File with Dangerous Type vulnerability in Typecho 1.2.1 A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php. | 8.8 |
2023-05-08 | CVE-2020-21038 | Open Redirect vulnerability in Typecho 1.117.10.30 Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php. | 6.1 |
2023-05-04 | CVE-2023-30184 | Cross-site Scripting vulnerability in Typecho A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment. | 5.4 |
2023-03-16 | CVE-2023-27130 | Cross-site Scripting vulnerability in Typecho Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter. | 4.8 |
2023-03-16 | CVE-2023-27131 | Cross-site Scripting vulnerability in Typecho Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter. | 4.8 |