Oneblog

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-56264 HIGH POC This Week

The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial-of-service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Oneblog

NVD GitHub

CVSS 3.1

7.5

EPSS

0.1%

CVE-2025-2835 MEDIUM POC This Month

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Oneblog

NVD GitHub VulDB

CVSS 4.0

5.3

EPSS

0.1%

CVE-2025-2833 MEDIUM POC This Month

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Oneblog

NVD GitHub VulDB

CVSS 4.0

6.9

EPSS

0.3%

CVE-2024-54954 HIGH POC This Week

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ssti Oneblog

NVD GitHub

CVSS 3.1

8.0

EPSS

0.8%

CVE-2025-56264

EPSS 0% CVSS 7.5

HIGH POC This Week

Denial Of Service Oneblog

NVD GitHub

CVE-2025-2835

EPSS 0% CVSS 5.3

MEDIUM POC This Month

SSRF Oneblog

NVD GitHub VulDB

CVE-2025-2833

EPSS 0% CVSS 6.9

MEDIUM POC This Month

Denial Of Service Oneblog

NVD GitHub VulDB

CVE-2024-54954

EPSS 1% CVSS 8.0

HIGH POC This Week

Code Injection Ssti Oneblog

NVD GitHub