cbcvebase.

Lenve Vblog vulnerabilities

3 known vulnerabilities affecting lenve/vblog.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-2363P2CRITICALCVSS 9.8v1.02025-03-17
CVE-2025-2363 [CRITICAL] CWE-22 CVE-2025-2363: A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the fu A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the pub
nvd
CVE-2025-3398P2CRITICALCVSS 9.8v1.02025-04-08
CVE-2025-3398 [CRITICAL] CWE-266 CVE-2025-3398: A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulner A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and ma
nvd
CVE-2025-2364P4MEDIUMCVSS 5.4v1.02025-03-17
CVE-2025-2364 [MEDIUM] CWE-79 CVE-2025-2364: A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vul A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site scripting. The attack can be launched remotely. The exploit has
nvd
Lenve Vblog vulnerabilities | cvebase