A Blog Cms Ver.2.10.X Series
Approved changes feed: RSS · Atom
cpe:2.3:a:appleple_inc.:a-blog_cms_ver.2.10.x_series:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Appleple Inc. (b95fa5d4-cbca-50e1-8fc2-c7aaf5e8cdf3) |
|---|---|
| Product | A Blog Cms Ver.2.10.X Series (c925a720-77af-5742-8e47-56a536529151) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-31395 |
vulnerable | 2026-06-08 06:35:31.428040 |
Details available
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with an editor or higher privilege who can log in to the product may execute an arbitrary script on the web browser of the user who accessed the schedule management page.
Published: 2024-05-22T04:35:37.216Z
Updated: 2024-10-31T14:53:49.233Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-31394 |
vulnerable | 2026-06-08 06:35:31.427280 |
Details available
Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with an editor or higher privilege who can log in to the product may obtain arbitrary files on the server.
Published: 2024-05-22T04:35:31.768Z
Updated: 2025-03-27T15:03:43.986Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30419 |
vulnerable | 2026-06-08 06:35:30.319268 |
Details available
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with a contributor or higher privilege who can log in to the product may execute an arbitrary script on the web browser of the user who accessed the website using the product.
Published: 2024-05-22T04:35:09.652Z
Updated: 2024-08-02T01:32:07.430Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27279 |
vulnerable | 2026-06-08 06:31:28.405855 |
Details available
Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with editor or higher privilege who can login to the product may obtain arbitrary files on the server including password files.
Published: 2024-03-12T08:19:48.705Z
Updated: 2024-10-31T18:12:32.261Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23782 |
vulnerable | 2026-06-08 06:29:40.427262 |
Details available
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier versions. If this vulnerability is exploited, a user with a contributor or higher privilege may execute an arbitrary script on the web browser of the user who accessed the website using the product.
Published: 2024-01-28T23:09:13.092Z
Updated: 2025-06-02T19:47:56.058Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23348 |
vulnerable | 2026-06-08 06:29:37.339642 |
Details available
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary JavaScript code by uploading a specially crafted SVG file.
Published: 2024-01-23T09:39:14.190Z
Updated: 2025-05-30T14:19:38.246Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23183 |
vulnerable | 2026-06-08 06:29:36.995173 |
Details available
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute an arbitrary script on the logged-in user's web browser.
Published: 2024-01-23T09:39:05.114Z
Updated: 2025-06-20T19:11:32.290Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23182 |
vulnerable | 2026-06-08 06:29:36.994435 |
Details available
Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to delete arbitrary files on the server.
Published: 2024-01-23T09:38:58.906Z
Updated: 2025-05-30T14:19:44.009Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23181 |
vulnerable | 2026-06-08 06:29:36.993462 |
Details available
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the logged-in user's web browser.
Published: 2024-01-23T09:38:08.211Z
Updated: 2025-06-20T19:10:49.356Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23180 |
vulnerable | 2026-06-08 06:29:36.990931 |
Details available
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary code by uploading a specially crafted SVG file.
Published: 2024-01-23T09:37:22.303Z
Updated: 2025-06-04T15:09:52.447Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.