article.php in oBlog does not properly restrict comments, which allows remote malicious users to cause a denial of service (blog spam) via a comment=new action.
dootzky oblog