Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Oneblog
(Zhyd)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-03-20 | CVE-2024-29471 | OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module. | Oneblog | 5.4 | ||
| 2024-03-20 | CVE-2024-29472 | OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module. | Oneblog | 5.4 | ||
| 2022-06-23 | CVE-2022-34011 | OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls. | Oneblog | 4.3 | ||
| 2022-06-23 | CVE-2022-34012 | Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges. | Oneblog | 6.5 | ||
| 2022-06-23 | CVE-2022-34013 | OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module. | Oneblog | 4.3 |