CVE-2025-36560 – A-Blog CMS SSRF Vulnerability

May 19, 2025

CVE ID : CVE-2025-36560

Published : May 19, 2025, 9:15 a.m. | 1 hour, 29 minutes ago

Description : Server-side request forgery vulnerability exists in a-blog cms multiple versions. If this vulnerability is exploited, a remote unauthenticated attacker may gain access to sensitive information by sending a specially crafted request.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27566 – a-blog CMS Path Traversal Vulnerability

Next Article CVE-2025-47758 – Citrix Systems VSFT Stack-Based Buffer Overflow Vulnerability

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-36560 – A-Blog CMS SSRF Vulnerability

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

CVE-2025-49886 – WebGeniusLab Zikzag Core PHP RFI Vulnerability

CVE-2025-4816 – SourceCodester Doctor’s Appointment System SQL Injection Vulnerability

CVE-2025-46690 – Ververica Platform SQL Connector Unauthorized Access Vulnerability

CVE-2025-3856 – Xxyopen Novel-Plus SQL Injection Vulnerability

CVE-2022-44452 – Apache Struts Remote Code Execution Vulnerability

CVE-2025-46780 – Apache HTTP Server Denial of Service

Otter is a self-hosted bookmark manager

CVE-2025-2775 – SysAid On-Prem XXE Remote Code Execution

CVE-2025-36560 – A-Blog CMS SSRF Vulnerability

Related Posts