CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-19228
https://notcve.org/view.php?id=CVE-2020-19228
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. Se ha encontrado un problema en bludit versión v3.13.0, una implementación no segura del plugin de copia de seguridad permite a atacantes cargar archivos arbitrarios • http://bludit.com https://github.com/bludit/bludit/issues/1242 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45745
https://notcve.org/view.php?id=CVE-2021-45745
A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Bludit versión 3.13.1, por medio del plugin About en el panel de acceso. • https://github.com/plsanu/CVE-2021-45745 https://github.com/plsanu/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS https://www.plsanu.com/bludit-3-13-1-about-plugin-stored-cross-site-scripting-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45744
https://notcve.org/view.php?id=CVE-2021-45744
A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) almacenada en Bludit versión 3.13.1, por medio de la sección TAGS en el panel de acceso. • https://github.com/plsanu/CVE-2021-45744 https://github.com/plsanu/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS https://www.plsanu.com/bludit-3-13-1-tags-field-stored-cross-site-scripting-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-20495
https://notcve.org/view.php?id=CVE-2020-20495
bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup' parameter. bludit versión v3.13.0 contiene una vulnerabilidad de eliminación de archivos arbitraria en el plugin de copia de seguridad por medio del parámetro "deleteBackup" • https://github.com/bludit/bludit/issues/1246 •