Authentication flaw

2006-01-1901:03:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.3%

create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.

CPENameOperatorVersion
aobloggereq2.3

CPE	Name	Operator	Version
	aoblogger	eq	2.3

References

archives.neohapsis.com/archives/bugtraq/2006-01/0322.html

evuln.com/vulns/37/summary.html

mikeheltonisawesome.com/viewcomments.php?idd=46

secunia.com/advisories/16889

www.securityfocus.com/bid/16286

www.vupen.com/english/advisories/2006/0240

exchange.xforce.ibmcloud.com/vulnerabilities/24143