Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Javaweb Blog Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40037 1 Javaweb Blog Project 1 Javaweb Blog 2023-02-02 N/A 9.8 CRITICAL
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile.
CVE-2022-40034 1 Javaweb Blog Project 1 Javaweb Blog 2023-01-31 N/A 5.4 MEDIUM
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter.