{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T15:54:20.191","vulnerabilities":[{"cve":{"id":"CVE-2018-10255","sourceIdentifier":"cve@mitre.org","published":"2018-05-01T19:29:01.170","lastModified":"2024-11-21T03:41:07.307","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CSV Injection vulnerability was discovered in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution."},{"lang":"es","value":"Se ha descubierto una vulnerabilidad de inyección CSV en clustercoding Blog Master Pro v1.0 que permite que un usuario con privilegios bajos inyecte un comando que se incluiría en el archivo CSV exportado, conduciendo a una posible ejecución de código."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1236"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clustercoding:blog_master_pro:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"426303BB-EDC3-4C53-9D8F-0652C632A5F9"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/147363/Blog-Master-Pro-1.0-CSV-Injection.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/44535/","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/147363/Blog-Master-Pro-1.0-CSV-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/44535/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}