Medium severity6.1NVD Advisory· Published Mar 6, 2018· Updated Jun 17, 2026
CVE-2018-7736
CVE-2018-7736
Description
In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME parameter or ZC_UPLOAD_FILETYPE parameter. NOTE: the software maintainer disputes that this is a vulnerability
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/147066/Z-Blog-1.5.1.1740-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/44406/nvdExploitThird Party AdvisoryVDB Entry
- github.com/ponyma233/cms/blob/master/Z-Blog_1.5.1.1740_bugs.mdnvdBroken LinkThird Party Advisory
- github.com/zblogcn/zblogphp/issues/205nvdThird Party Advisory
News mentions
0No linked articles in our index yet.