Known Vulnerabilities for products from Bludit

Listed below are 19 of the newest known vulnerabilities associated with the vendor "Bludit".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.

Known Vulnerabilities

| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-35323 | Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login. | 6.1 - MEDIUM | 2021-10-19 | 2021-10-22 |
| CVE-2021-25808 | A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted... | 7.8 - HIGH | 2021-07-23 | 2021-08-02 |
| CVE-2020-23765 | A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an att... | 7.2 - HIGH | 2021-05-21 | 2021-05-27 |
| CVE-2020-20495 | bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter. | 9.1 - CRITICAL | 2021-09-01 | 2021-09-08 |
| CVE-2020-18879 | Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via ... | 9.8 - CRITICAL | 2021-08-20 | 2021-08-24 |
| CVE-2020-18190 | Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-... | 9.1 - CRITICAL | 2020-10-02 | 2020-10-09 |
| CVE-2020-15026 | Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file downloa... | 4.9 - MEDIUM | 2020-06-24 | 2020-06-30 |
| CVE-2020-15006 | Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php. | 5.4 - MEDIUM | 2020-06-24 | 2020-07-02 |
| CVE-2020-13889 | showAlert() in the administration panel in Bludit 3.12.0 allows XSS. | 5.4 - MEDIUM | 2020-06-06 | 2020-06-09 |
| CVE-2020-8812 | ** DISPUTED ** Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the ve... | 5.4 - MEDIUM | 2020-02-07 | 2020-02-10 |
| CVE-2020-8811 | ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures. | 4.3 - MEDIUM | 2020-02-07 | 2020-02-10 |
| CVE-2019-17240 | bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many diff... | 9.8 - CRITICAL | 2019-10-06 | 2020-10-21 |
| CVE-2019-16334 | In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may... | 4.8 - MEDIUM | 2019-09-15 | 2019-09-16 |
| CVE-2019-16113 | Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg fi... | 8.8 - HIGH | 2019-09-08 | 2021-07-21 |
| CVE-2019-12742 | Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs becaus... | 8.8 - HIGH | 2019-06-05 | 2020-08-24 |
| CVE-2019-12548 | Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo th... | 8.8 - HIGH | 2019-06-03 | 2021-07-21 |
| CVE-2018-1000811 | bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Edit... | 8.8 - HIGH | 2018-12-20 | 2019-01-07 |
| CVE-2018-16313 | Bludit 2.3.4 allows XSS via a user name. | 6.1 - MEDIUM | 2018-09-01 | 2018-11-02 |
| CVE-2017-16636 | In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body messa... | 5.4 - MEDIUM | 2017-11-06 | 2017-11-29 |
