Scriptsez Ez Blog vulnerabilities
2 known vulnerabilities affecting scriptsez/ez_blog.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-4365P4MEDIUMCVSS 4.3PoCv1.02009-12-21
CVE-2009-4365 [MEDIUM] CWE-352 CVE-2009-4365: Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 all
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a blog via the add_blog action, (2) approve a comment via the approve_comment action, (3) change administrator information including the password via the admin_
nvd
CVE-2009-4366P4MEDIUMCVSS 4.3PoCv1.02009-12-21
CVE-2009-4366 [MEDIUM] CWE-79 CVE-2009-4366: Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attacke
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the yr parameter in a bmonth action.
nvd