CVE-2025-9100

Medium CVSS: 5.5

A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zhenfeng13

Product

My-blog

CWE

CWE-287

Yayın Tarihi

2025-08-18 02:15:27

Güncelleme

2025-09-03 15:25:42

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-287 My-blog MEDIUM Zhenfeng13 2025

Referanslar

https://github.com/ZHENFENG13/My-Blog/issues/149 https://github.com/ZHENFENG13/My-Blog/issues/149#issue-3265307853 https://vuldb.com/?ctiid.320422 https://vuldb.com/?id.320422 https://vuldb.com/?submit.628097 https://github.com/ZHENFENG13/My-Blog/issues/149 https://github.com/ZHENFENG13/My-Blog/issues/149#issue-3265307853

Benzer Kayıtlar

Medium

CVE-2025-9101

A weakness has been identified in zhenfeng13 My-Blog up to 1.0.0. This issue affects some unknown processing of the file…

Medium

CVE-2025-8740

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unkno…

Medium

CVE-2025-8739

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unkno…

Medium

CVE-2025-3808

A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknow…

Medium

CVE-2025-3807

A vulnerability, which was classified as critical, was found in zhenfeng13 My-BBS 1.0. This affects the function Upload…

Medium

CVE-2025-3593

A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been declared as critical. This vulnerab…