ByteOS Network

cells

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2017-17948

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-6.1||MEDIUM

EPSS-0.24% / 47.17%

7 Day CHG~0.00%

Published-28 Dec, 2017 | 18:00

Updated-20 Apr, 2025 | 01:37

Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request.

Vendor-cells n/a

Product-blog n/a

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2017-17949

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-6.1||MEDIUM

EPSS-0.24% / 47.17%

7 Day CHG~0.00%

Published-28 Dec, 2017 | 18:00

Updated-20 Apr, 2025 | 01:37

Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter.

Vendor-cells n/a

Product-blog n/a

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2017-17950

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-8.8||HIGH

EPSS-0.23% / 45.91%

7 Day CHG~0.00%

Published-28 Dec, 2017 | 18:00

Updated-20 Apr, 2025 | 01:37

Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.

Vendor-cells n/a

Product-blog n/a

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')