Javaweb Blog Project - Javaweb Blog CVE

Filtered by vendor Javaweb Blog Project Subscriptions

Filtered by product Javaweb Blog Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-40037	1 Javaweb Blog Project	1 Javaweb Blog	2024-08-03	9.8 Critical
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile.
CVE-2022-40034	1 Javaweb Blog Project	1 Javaweb Blog	2024-08-03	5.4 Medium
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter.

Page 1 of 1.