MidnightBSD

Advisories for cells

CVE-2017-17948 MEDIUM

Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
cells blog 3.5
CVE-2017-17949 MEDIUM

Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
cells blog 3.5
CVE-2017-17950 MEDIUM

Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
cells blog 3.5