CVE-2009-4801
Will Kraft Ez-blog - Authentication Bypass
Title source: ruleDescription
EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Salvatore Fresta · textwebappsphp
https://www.exploit-db.com/exploits/8128
Scores
EPSS
0.0239
EPSS Percentile
84.8%
Classification
CWE
CWE-287
Status
draft
Affected Products (1)
will_kraft/ez-blog
Timeline
Published
Apr 23, 2010
Tracked Since
Feb 18, 2026