Dayfox Designs Dayfox Blog — known CVE vulnerabilities
Every CVE whose affected-product data names Dayfox Designs Dayfox Blog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2006-2522 — CVSS 7.5 (high): Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document root with insufficient access control…
CVE-2006-5183 — CVSS 7.5 (high): Multiple PHP remote file inclusion vulnerabilities in Dayfox Designs Dayfox Blog 2.0 allow remote attackers to execute arbitrary PHP code…
CVE-2007-0150 — CVSS 7.5 (high): Multiple PHP remote file inclusion vulnerabilities in index.php in Dayfox Blog allow remote attackers to execute arbitrary PHP code via a…
CVE-2008-3564 — CVSS 7.5 (high): Multiple directory traversal vulnerabilities in index.php in Dayfox Blog 4 allow remote attackers to include and execute arbitrary local…
CVE-2007-1525 — CVSS 6.8 (medium): Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote attackers to execute arbitrary PHP code…