admin/index.php in oBlog allows remote malicious users to conduct brute-force password guessing attacks via HTTP requests.
dootzky oblog