Ez-blog Security Vulnerabilities and Issues — Ez-blog CVE List

Lucene search

Will KraftEz-blog

2 matches found

CVE•added 2010/04/23 2:30 p.m.•29 views

CVE-2009-4801

EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts.

7.5CVSS7.1AI score0.01066EPSS

CVE•added 2009/05/12 4:30 p.m.•27 views

CVE-2009-1626

SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the category parameter.

7.5CVSS8.7AI score0.00217EPSS

Web