CVE-2024-7114

<= 1.8.8

A vulnerability was found in Tianchoy Blog up to 1.8.8. It has been classified as critical. This affects an unknown part of the fi

6.3MEDIUM

CVE-2023-43381

all versions

SQL Injection vulnerability in Tianchoy Blog v.1.8.8 allows a remote attacker to obtain sensitive information via the id parameter

7.5HIGH

CVE-2022-23626

< 1.4

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not b

8.5HIGH

CVE-2021-36748

< 1.7.8

A SQL Injection issue in the list controller of the Prestahome Blog (aka ph_simpleblog) module before 1.7.8 for Prestashop allows

7.5HIGH

CVE-2017-17950

all versions

Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.

8.8HIGH

CVE-2017-17949

all versions

Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter.

6.1MEDIUM

CVE-2017-17948

all versions

Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request.

6.1MEDIUM

CVE-2017-14346

<= 2017-09-12

upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, ima

9.8CRITICAL

CVE-2017-14345

<= 2017-09-12

SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php.

9.8CRITICAL

CVE-2011-5140

all versions

Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands

CVE-2010-4750

all versions

Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote a

CVE-2010-4749

all versions

Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject ar

CVE-2008-4802

all versions

Cross-site scripting (XSS) vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrar