Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-4333

Malware in sbrugna...

4.3CVSS6.4AI score0.00925EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-4334

Malware in sbrugna...

4.3CVSS6.4AI score0.01525EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-4332

Malware in sbrugna...

4.3CVSS6.4AI score0.01472EPSS
Exploits0References4
Prion
Prion
added 2009/12/21 4:30 p.m.13 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add a blog via the addblog action, 2 approve a comment via the approvecomment action, 3 change administrator...

4.3CVSS7.8AI score0.00925EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/12/21 4:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the yr parameter in a bmonth action...

4.3CVSS6.1AI score0.01525EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2009/12/21 4:30 p.m.14 views

CVE-2009-4366

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the yr parameter in a bmonth action...

4.3CVSS5.7AI score0.01525EPSS
Exploits1References4
NVD
NVD
added 2009/12/21 4:30 p.m.22 views

CVE-2009-4364

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS5.6AI score0.01472EPSS
Exploits0References3
Prion
Prion
added 2009/12/21 4:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS6.1AI score0.01472EPSS
Exploits0References3
NVD
NVD
added 2009/12/21 4:30 p.m.13 views

CVE-2009-4365

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add a blog via the addblog action, 2 approve a comment via the approvecomment action, 3 change administrator...

4.3CVSS7.2AI score0.00925EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/12/21 4:0 p.m.18 views

CVE-2009-4365

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add a blog via the addblog action, 2 approve a comment via the approvecomment action, 3 change administrator...

7.2AI score0.00925EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/12/21 4:0 p.m.18 views

CVE-2009-4364

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

5.6AI score0.01472EPSS
Exploits0References3
CVE
CVE
added 2009/12/21 4:0 p.m.48 views

CVE-2009-4366

ScriptsEz Ez Blog 1.0 contains a cross-site scripting (XSS) vulnerability in index.php where the yr parameter in a bmonth action can be used to inject arbitrary web script/HTML. CVE-2009-4366 has CVSSv2 base score 4.3 (Medium); attack vector: Network; authentication: None; confidentiality impact:...

4.3CVSS5.7AI score0.01525EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/12/21 4:0 p.m.39 views

CVE-2009-4364

CVE-2009-4364 describes a Cross-site Scripting (XSS) vulnerability in the ScriptsEz Ez Blog, affecting the application’s index.php where the cname parameter can inject arbitrary web script/HTML (related to the act and id parameters). The root cause is insufficient input validation on cname. Impac...

4.3CVSS5.6AI score0.01472EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/12/21 4:0 p.m.48 views

CVE-2009-4365

CVE-2009-4365 describes multiple cross-site request forgery (CSRF) vulnerabilities in admin.php of ScriptsEz Ez Blog 1.0. The issue allows remote attackers to hijack administrator sessions and perform actions such as adding a blog (add_blog), approving comments (approve_comment), changing adminis...

4.3CVSS7.2AI score0.00925EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder