Blogotext Project Blogotext — known CVE vulnerabilities
Every CVE whose affected-product data names Blogotext Project Blogotext, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-17794 — CVSS 9.8 (critical): validate_form_preferences in admin/preferences.php in BlogoText through 3.7.6 allows attackers to bypass intended access restrictions via…
CVE-2017-17793 — CVSS 7.5 (high): Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText through 3.7.6 allows remote attackers to…
CVE-2017-14957 — CVSS 6.1 (medium): Stored XSS vulnerability via a comment in inc/conv.php in BlogoText before 3.7.6 allows an unauthenticated attacker to inject JavaScript…
CVE-2017-17792 — CVSS 6.1 (medium): Cross site scripting (XSS) vulnerability in the markup_clean_href function in inc/conv.php in BlogoText through 3.7.6 allows remote…