Vulnerabilities > Zblogcn > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-16 | CVE-2018-18381 | Cross-site Scripting vulnerability in Zblogcn Z-Blogphp 1.5.2.1935 Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments. | 3.5 |
| 2018-04-16 | CVE-2018-9169 | Cross-site Scripting vulnerability in Zblogcn Z-Blogphp 1.5.1 Z-BlogPHP 1.5.1 has XSS via the zb_users/plugin/AppCentre/plugin_edit.php app_id parameter. | 3.5 |