CVE-2007-5988

CVE-2007-5988 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.

Learn more about our User Device Pen Test.