CVE-2007-5374

CVE-2007-5374 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.

Learn more about our User Device Pen Test.