Bludit : Security Vulnerabilities, CVEs, Published In 2021

CVE-2021-35323

Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login.
Max CVSS
6.1
EPSS Score
0.18%
Published
2021-10-19
Updated
2021-11-30

CVE-2021-25808

A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.
Max CVSS
7.8
EPSS Score
0.15%
Published
2021-07-23
Updated
2021-08-02

CVE-2020-23765

A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights they will be able to use unsafe plugins to upload a backup file and control the server.
Max CVSS
7.2
EPSS Score
0.09%
Published
2021-05-21
Updated
2021-05-27

CVE-2020-20495

bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter.
Max CVSS
9.1
EPSS Score
0.10%
Published
2021-09-01
Updated
2021-09-08

CVE-2020-18879

Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'.
Max CVSS
9.8
EPSS Score
0.62%
Published
2021-08-20
Updated
2021-08-24
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close