Known Vulnerabilities for Bludit by Bludit

Listed below are 10 of the newest known vulnerabilities associated with the software "Bludit" by "Bludit".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-35323 Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login. 6.1 - MEDIUM 2021-10-19 2021-11-30
CVE-2021-25808 A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted... 7.8 - HIGH 2021-07-23 2021-08-02
CVE-2020-19228 An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. 7.2 - HIGH 2022-05-11 2022-05-18
CVE-2020-18879 Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via ... 9.8 - CRITICAL 2021-08-20 2021-08-24
CVE-2020-18190 Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-... 9.1 - CRITICAL 2020-10-02 2020-10-09
CVE-2020-15026 Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file downloa... 4.9 - MEDIUM 2020-06-24 2020-06-30
CVE-2020-15006 Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php. 5.4 - MEDIUM 2020-06-24 2020-07-02
CVE-2020-13889 showAlert() in the administration panel in Bludit 3.12.0 allows XSS. 5.4 - MEDIUM 2020-06-06 2020-06-09
CVE-2020-8812 ** DISPUTED ** Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the ve... 5.4 - MEDIUM 2020-02-07 2020-02-10
CVE-2020-8811 ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures. 4.3 - MEDIUM 2020-02-07 2020-02-10
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationBluditBludit3.9.2AllAllAll
ApplicationBluditBludit3.9.1AllAllAll
ApplicationBluditBludit3.9.0AllAllAll
ApplicationBluditBludit3.8.1AllAllAll
ApplicationBluditBludit3.5.0AllAllAll
ApplicationBluditBludit3.4.0-AllAll
ApplicationBluditBludit3.4.0beta1AllAll
ApplicationBluditBludit3.3.0AllAllAll
ApplicationBluditBludit3.2.0AllAllAll
ApplicationBluditBludit3.12.0AllAllAll
ApplicationBluditBludit3.11.0-AllAll
ApplicationBluditBludit3.11.0aAllAll
ApplicationBluditBludit3.10.0-AllAll
ApplicationBluditBludit3.10.0alphaAllAll
ApplicationBluditBludit3.1.0AllAllAll
ApplicationBluditBludit3.0.0alpha5AllAll
ApplicationBluditBludit3.0.0-AllAll
ApplicationBluditBludit3.0.0alpha1AllAll
ApplicationBluditBludit3.0.0alpha2AllAll
ApplicationBluditBludit3.0.0alpha3AllAll
Results limited to 20 most recent known configurations

Popular searches for Bludit

Bludit - Flat-File CMS

www.bludit.com

Bludit - Flat-File CMS Bludit is a web application to build your own website or blog in seconds, it's completely free and open source. Markdown support. bludit.com

Flat-file database Content management system Markdown Plug-in (computing) Website Blog Search engine optimization Free and open-source software Web application Download Theme (computing) Database JSON Installation (computer programs) GitHub Documentation Computer file Configure script Web search engine WYSIWYG

bludit/bludit

github.com/bludit/bludit

bludit/bludit Simple, Fast, Secure, Flat-File CMS. Contribute to bludit GitHub.

github.com/dignajar/bludit GitHub Content management system PHP Flat-file database Web server JSON Adobe Contribute Blog Modular programming Software release life cycle Patreon Installation (computer programs) Docker (software) Computer file Command-line interface Bluetooth Xcode Microsoft Visual Studio Repository (version control) Software repository

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report