Loading HuntDB...

GHSA-vhw4-mjfv-p3gg

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary code by uploading a specially crafted SVG file.

Related CVEs

Key Information

GHSA ID
GHSA-vhw4-mjfv-p3gg
Published
January 23, 2024 12:30 PM
Last Modified
June 4, 2025 6:30 PM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.