Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27711 | 1 Typecho | 1 Typecho | 2023-03-22 | N/A | 4.8 MEDIUM |
| Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via the Comment Manager /admin/manage-comments.php component. | |||||
| CVE-2023-27131 | 1 Typecho | 1 Typecho | 2023-03-22 | N/A | 4.8 MEDIUM |
| Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter. | |||||
| CVE-2023-27130 | 1 Typecho | 1 Typecho | 2023-03-21 | N/A | 4.8 MEDIUM |
| Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter. | |||||
| CVE-2023-24114 | 1 Typecho | 1 Typecho | 2023-03-02 | N/A | 9.8 CRITICAL |
| typecho 1.1/17.10.30 was discovered to contain a remote code execution (RCE) vulnerability via install.php. | |||||
| CVE-2018-18753 | 1 Typecho | 1 Typecho | 2019-01-28 | 10.0 HIGH | 9.8 CRITICAL |
| Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF. | |||||
| CVE-2017-16230 | 1 Typecho | 1 Typecho | 2017-11-17 | 3.5 LOW | 5.4 MEDIUM |
| In admin/write-post.php in Typecho through 1.1, one can log in to the background page, write a new article, and add payload in the article content, resulting in XSS via index.php/action/contents-post-edit. | |||||