Vulnerabilities > Zhyd

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-34011 Server-Side Request Forgery (SSRF) vulnerability in Zhyd Oneblog 2.3.4
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls.
network
low complexity
zhyd CWE-918
4.0
2022-06-23 CVE-2022-34012 Incorrect Permission Assignment for Critical Resource vulnerability in Zhyd Oneblog 2.3.4
Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges.
network
low complexity
zhyd CWE-732
4.0
2022-06-23 CVE-2022-34013 Server-Side Request Forgery (SSRF) vulnerability in Zhyd Oneblog 2.3.4
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module.
network
low complexity
zhyd CWE-918
4.0