Vulnerability Details CVE-2007-5374
cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 80.0%
CVSS Severity
CVSS v2 Score 6.5
References
- http://secunia.com/advisories/27164
- http://www.securityfocus.com/bid/25990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37050
- https://www.exploit-db.com/exploits/4505
- http://secunia.com/advisories/27164
- http://www.securityfocus.com/bid/25990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37050
- https://www.exploit-db.com/exploits/4505