Zblogcn: Security Vulnerabilities
Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a direct request to zb_system/function/lib/upload.php.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-02-08
Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as demonstrated by deleting files and directories.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-02-06
Page 3