Every CVE whose affected-product data names Will Kraft Ez-blog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2009-1626 — CVSS 7.5 (high): SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote…
CVE-2009-4801 — CVSS 7.5 (high): EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP…
CVE-2009-4805 — CVSS 6.8 (medium): Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary…