Vulnerability Details CVE-2007-5374
cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.035
EPSS Ranking 87.1%
CVSS Severity
CVSS v2 Score 6.5
References
- http://secunia.com/advisories/27164
- http://www.securityfocus.com/bid/25990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37050
- https://www.exploit-db.com/exploits/4505
- http://secunia.com/advisories/27164
- http://www.securityfocus.com/bid/25990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37050
- https://www.exploit-db.com/exploits/4505