← Back

Zblogcn

zblogcn

22 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Z Blogphp
z-blogphp
21 CVEs
Zblogphp
zblogphp
1 CVE

CVEs (22)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-6846
1Zblogcn
1Z Blogphp
Nov 21, 2024
Feb 8, 2018
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a direct request to zb_system/function/lib/upload.php.
CVE-2018-6656
1Zblogcn
1Z Blogphp
Nov 21, 2024
Feb 6, 2018
N/A· v4
6.5 MEDIUM· v3
5.8 MEDIUM· v2
Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as demonstrated by deleting files and directories.