📦 Perfreeblog

by Perfree

🔍 What is Perfreeblog?

Description coming soon...

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-30333

CRITICAL CVSS 9.8 May 18, 2023

This vulnerability allows attackers to upload malicious files to PerfreeBlog's admin interface, leading to remote code execution. Attackers can gain full control of affected systems by uploading craft...

CVE-2025-60735

HIGH CVSS 7.6 Oct 24, 2025

PerfreeBlog v4.0.11 contains an arbitrary file upload vulnerability in the installPlugin function that allows attackers to upload malicious files. This affects all PerfreeBlog installations running th...

CVE-2025-60730

HIGH CVSS 7.6 Oct 24, 2025

PerfreeBlog v4.0.11 contains an arbitrary file deletion vulnerability in the unInstallTheme function that allows attackers to delete files on the server. This affects all installations of PerfreeBlog ...

CVE-2025-29420

HIGH CVSS 7.5 Aug 25, 2025

PerfreeBlog v4.0.11 contains a directory traversal vulnerability in the getThemeFilesByName function that allows attackers to read arbitrary files on the server. This affects all installations running...

CVE-2025-29281

HIGH CVSS 8.8 Apr 15, 2025

PerfreeBlog 4.0.11 contains an arbitrary file upload vulnerability in the attach component that allows regular users to upload malicious files and execute code. This enables remote code execution (RCE...

CVE-2023-40825

HIGH CVSS 7.2 Aug 28, 2023

This vulnerability allows remote attackers to execute arbitrary code on PerfreeBlog installations by uploading malicious plugin files through the admin interface. It affects all users running PerfreeB...

CVE-2025-60319

MEDIUM CVSS 6.5 Oct 30, 2025

PerfreeBlog v4.0.11 contains a Server-Side Request Forgery vulnerability in the uploadAttachByUrl API endpoint that allows attackers to make unauthorized requests from the server. This could lead to i...

CVE-2025-60729

MEDIUM CVSS 5.3 Oct 24, 2025

PerfreeBlog v4.0.11 contains an arbitrary file read vulnerability in the validThemeFilePath function that allows attackers to read sensitive files on the server. This affects all users running the vul...