Diego Najar

3 exploits. Active since Jun 2019
CVE-2026-46656 HIGH WRITEUP
Bludit CMS has improper authorization and mediation failure leading to persistent ghost sessions
Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding user account has been physically deleted from the database. This "Ghost Session" allows revoked users to maintain full unauthorized access to the system. Version 3.22.0 fixes the issue.
CVSS 8.8
CVE-2019-12548 HIGH WRITEUP
Bludit < 3.9.0 - Authenticated Remote Code Execution via Logo Upload
Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a PHP file while changing the logo through /admin/ajax/upload-logo.
CVSS 8.8
CVE-2019-12742 HIGH WRITEUP
Bludit < 3.9.1 - Unauthenticated Password Change via Insecure Direct Object Reference
Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of an Insecure Direct Object Reference in bl-kernel/admin/controllers/user-password.php (a modified username POST parameter).
CVSS 8.8