Every CVE whose affected-product data names Dootzky Oblog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2009-4907 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote attackers to hijack the authentication of administrators…
CVE-2009-4909 — CVSS 6.8 (medium): admin/index.php in oBlog allows remote attackers to conduct brute-force password guessing attacks via HTTP requests.
CVE-2009-4904 — CVSS 5.0 (medium): article.php in oBlog does not properly restrict comments, which allows remote attackers to cause a denial of service (blog spam) via a…
CVE-2009-4903 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in oBlog allows remote attackers to inject arbitrary web script or HTML via the…
CVE-2009-4908 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow remote attackers to inject arbitrary web script or HTML via the (1)…