CVE-2024-13190 | ZeroWdd myblog 1.0 BlogMapper.xml findBlogList/getTotalBlogs xml injection

Inserito da Angelo Barbosa | Gen 8, 2025 | CVE

A vulnerability classified as critical was found in ZeroWdd myblog 1.0. This vulnerability affects unknown code of the file src/main/resources/mapper/BlogMapper.xml. The manipulation of the argument findBlogList/getTotalBlogs leads to xml injection.

This vulnerability was named CVE-2024-13190. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-13190 | ZeroWdd myblog 1.0 BlogMapper.xml findBlogList/getTotalBlogs xml injection

Post correlati

CVE-2024-39884 | Apache HTTP Server AddType source code

CVE-2022-46025 | Totolink N200RE v5 9.3.5u.6255_B20211224 Wi-Fi Information access control

CVE-2024-1377 | Happy Addons for Elementor Plugin up to 3.10.3 on WordPress Author Meta Widget cross site scripting

CVE-2024-56298 | 5 Star Plugins Pretty Simple Popup Builder Plugin up to 1.0.9 on WordPress cross site scripting