Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5374

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2007-5374
Last Modified 05 Sep 2008 05:30:34
Published 11 Oct 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-5374

Summary

cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.

Vulnerable Systems

Application

  • Lightblog 8.4.1.1


References

MILW0RM - 4505

XF - lightblog-cpmemberedit-privilege-escalation(37050)

BID - 25990

SECUNIA - 27164


Last Updated: 27 May 2016 10:46:09