Lucene search

[email protected]CVE-2007-5818

HistoryNov 05, 2007 - 6:46 p.m.

CVE-2007-5818

2007-11-0518:46:00

CWE-352

[email protected]

web.nvd.nist.gov

csrf

vulnerability

sblog

remote attackers

administrators

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.0%

JSON

Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators.

Affected configurations

NVD

Node

sblogsblogMatch0.7.3_beta

CPENameOperatorVersion
sblog:sblogsblogeq0.7.3_beta

CPE	Name	Operator	Version
sblog:sblog	sblog	eq	0.7.3_beta

References

0x90.com.ar/Advisory/20071031.txt

secunia.com/advisories/27485

securityreason.com/securityalert/3341

www.securityfocus.com/archive/1/483108/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/38216

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for CVE-2007-5818

prion1 nvd1 cvelist1