Vendor
OBlog
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4907 | 0.03 | — | 0.01 | Jun 25, 2010 | Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an admin logout, (3) change the visibility of posts, (4) remove links, and (5)… | |||
| CVE-2009-0283 | 0.03 | — | 0.01 | Jan 27, 2009 | Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||
| CVE-2009-4904 | 0.00 | — | 0.01 | Jun 25, 2010 | article.php in oBlog does not properly restrict comments, which allows remote attackers to cause a denial of service (blog spam) via a comment=new action. |
- CVE-2009-4907Jun 25, 2010risk 0.03cvss —epss 0.01
Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an admin logout, (3) change the visibility of posts, (4) remove links, and (5)…
- CVE-2009-0283Jan 27, 2009risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter.
- CVE-2009-4904Jun 25, 2010risk 0.00cvss —epss 0.01
article.php in oBlog does not properly restrict comments, which allows remote attackers to cause a denial of service (blog spam) via a comment=new action.