Vulnerability Details CVE-2018-18381
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.5%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References