RSS   Vulnerabilities for 'Oneblog'   RSS

2022-06-23
 
CVE-2022-34011

CWE-918
 

 
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls.

 
 
CVE-2022-34012

CWE-732
 

 
Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges.

 
 
CVE-2022-34013

CWE-918
 

 
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module.

 


Copyright 2024, cxsecurity.com

 

Back to Top