Approved changes feed: RSS · Atom
cpe:2.3:a:alma:alma_blog:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Alma (5dda2a56-7592-509b-8c29-96ca7cdcf02d) |
|---|---|
| Product | Alma Blog (d022a9da-34d1-51f2-ad5b-d45a80459401) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-1146 |
vulnerable | 2026-06-08 06:25:39.384131 |
Cross-site Scripting at Alma Devklan Blog
MEDIUM (5.8)
Cross-Site Scripting vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an attacker to store a malicious JavaScript payload within the application by adding the payload to 'Community Description' or 'Community Rules'.
Published: 2024-03-19T11:37:18.313Z
Updated: 2024-08-01T18:26:30.513Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-1145 |
vulnerable | 2026-06-08 06:25:39.383568 |
Observable Response Discrepancy at Alma Devklan Blog
MEDIUM (5.3)
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow a remote user to retrieve all valid users registered in the application just by looking at the request response.
Published: 2024-03-19T11:35:46.187Z
Updated: 2024-08-02T15:12:00.863Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-1144 |
vulnerable | 2026-06-08 06:25:39.382958 |
Improper Access Control at Alma Devklan Blog
MEDIUM (6.5)
Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an unauthenticated user to access the application's functionalities without the need for credentials.
Published: 2024-03-19T11:32:49.261Z
Updated: 2024-08-01T18:26:30.513Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.