Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Phillipsdata Subscribe
Filtered by product Blesta
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-25616 1 Phillipsdata 1 Blesta 2026-02-18 N/A 4.7 MEDIUM
Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665.
CVE-2026-25614 1 Phillipsdata 1 Blesta 2026-02-13 N/A 7.5 HIGH
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680.
CVE-2026-25615 1 Phillipsdata 1 Blesta 2026-02-13 N/A 7.2 HIGH
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668.
CVE-2024-25859 1 Phillipsdata 1 Blesta 2025-05-13 N/A 7.1 HIGH
A path traversal vulnerability in the /path/to/uploads/ directory of Blesta before v5.9.2 allows attackers to takeover user accounts and execute arbitrary code.