Unrated severityNVD Advisory· Published May 1, 2018· Updated Aug 5, 2024

CVE-2018-10255

Description

A CSV Injection vulnerability was discovered in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.

Affected products

clustercoding/Blog Master Prollm-create
Range: =1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/44535/mitreexploitx_refsource_EXPLOIT-DB
packetstormsecurity.com/files/147363/Blog-Master-Pro-1.0-CSV-Injection.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000