Oneblog

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-56264 HIGH POC This Week

The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial-of-service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Oneblog
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-2835 MEDIUM POC This Month

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Oneblog
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-2833 MEDIUM POC This Month

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Oneblog
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2024-54954 HIGH POC This Week

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ssti Oneblog
NVD GitHub
CVSS 3.1
8.0
EPSS
0.8%
CVE-2025-56264
EPSS 0% CVSS 7.5
HIGH POC This Week

The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial-of-service vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Oneblog
NVD GitHub
CVE-2025-2835
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Oneblog
NVD GitHub VulDB
CVE-2025-2833
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Oneblog
NVD GitHub VulDB
CVE-2024-54954
EPSS 1% CVSS 8.0
HIGH POC This Week

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ssti Oneblog
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy