← Back

Oneblog Project

oneblog_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Oneblog
oneblog
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-46085
1Oneblog Project
1Oneblog
Nov 21, 2024
Jan 25, 2022
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
CVE-2021-46025
1Oneblog Project
1Oneblog
Nov 21, 2024
Jan 19, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.