📦 Mblog

This vulnerability in Mblog Blog system v3.5.0 allows remote attackers to execute arbitrary code by uploading a specially crafted file through the theme management feature. This affects all users runn...

This vulnerability allows attackers to inject malicious scripts into the mtons mblog admin interface via the Name parameter in the /admin/role/list endpoint. The cross-site scripting (XSS) attack can ...

This is a cross-site scripting (XSS) vulnerability in mtons mblog's admin panel that allows attackers to inject malicious scripts via the Name parameter in the user list interface. Attackers can execu...

A cross-site scripting (XSS) vulnerability exists in mtons mblog's search functionality where malicious JavaScript can be injected via the 'kw' parameter. This allows attackers to execute arbitrary sc...

CVE-2025-9432 is a cross-site scripting (XSS) vulnerability in mtons mblog's admin panel that allows attackers to inject malicious scripts via the Title parameter. This affects mtons mblog users up to...

This vulnerability in mtons mblog up to version 3.5.0 allows attackers to perform cross-site request forgery (CSRF) attacks. Attackers can trick authenticated users into executing unintended actions o...