Vulnerability Details CVE-2007-3974
admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to create arbitrary accounts via modified mot and droit parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.196
EPSS Ranking 95.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/38561
- http://secunia.com/advisories/26165
- http://securityreason.com/securityalert/2919
- http://www.securityfocus.com/archive/1/474320/100/0/threaded
- http://www.securityfocus.com/bid/24991
- http://www.vupen.com/english/advisories/2007/2611
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35550
- https://www.exploit-db.com/exploits/4211
- http://osvdb.org/38561
- http://secunia.com/advisories/26165
- http://securityreason.com/securityalert/2919
- http://www.securityfocus.com/archive/1/474320/100/0/threaded
- http://www.securityfocus.com/bid/24991
- http://www.vupen.com/english/advisories/2007/2611
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35550
- https://www.exploit-db.com/exploits/4211