Every CVE whose affected-product data names Epic Designs Eggblog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2005-4546 — CVSS 7.8 (high): search.php in eggblog 2.0 allows remote attackers to obtain the full path via an invalid q parameter, as used by the Keyword and Search…
CVE-2006-2727 — CVSS 7.5 (high): home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a…
CVE-2006-0349 — CVSS 7.5 (high): SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php.
CVE-2006-6046 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 allow remote attackers to inject arbitrary web script or HTML via the…
CVE-2006-2725 — CVSS 6.4 (medium): SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id…
CVE-2006-0350 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field…
CVE-2005-4547 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in home/search.php in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via…