📦 Bolo Solo

This vulnerability allows remote attackers to upload arbitrary files to bolo-solo blog systems due to insufficient validation in the FreeMarker template handler. Attackers can exploit this to upload m...

This is a path traversal vulnerability in bolo-solo blogging software that allows attackers to manipulate file paths during blog import operations. Attackers can potentially read, write, or delete arb...

This CVE describes a path traversal vulnerability in bolo-blog's bolo-solo software that allows attackers to manipulate file paths through the importFromMarkdown function. Attackers can potentially ac...

This CVE describes a path traversal vulnerability in bolo-blog's bolo-solo software up to version 2.6.4. Attackers can exploit the unpackFilteredZip function in the ZIP file handler to write files out...

This CVE describes a remote deserialization vulnerability in bolo-solo's SnakeYAML component that allows attackers to execute arbitrary code by manipulating markdown import functionality. The vulnerab...