CVE-2025-29461

High CVSS: 7.6

An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the /bid/1/admin/entry-edit/ path.

Vendor

Product

CWE

Yayın Tarihi

2025-04-17 22:15:15

Güncelleme

2025-08-21 18:57:44

Source Identifier

cve@mitre.org

KEV Date Added

CWE-918 A-blogcms HIGH Appleple 2025

https://www.yuque.com/morysummer/vx41bz/xagedb4qdy5gouep

Low

CVE-2025-41429

a-blog cms multiple versions neutralize logs improperly. If this vulnerability is exploited with CVE-2025-36560, a remot…

Medium

CVE-2025-27566

Path traversal vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and versions prior to Ver. 3.0.47. This…

Medium

CVE-2025-32999

Cross-site scripting vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and prior to Ver. 3.0.47. This iss…

Critical

CVE-2025-36560

Server-side request forgery vulnerability exists in a-blog cms multiple versions. If this vulnerability is exploited, a…

High

CVE-2025-31103

Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbi…