Scripts.oldguy Talkback — known CVE vulnerabilities
Every CVE whose affected-product data names Scripts.oldguy Talkback, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2009-4854 — CVSS 7.5 (high): addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter.
CVE-2009-4874 — CVSS 6.4 (medium): TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify…