Authentication flaw

2007-07-2517:30:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON

admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to create arbitrary accounts via modified mot and droit parameters.

CPENameOperatorVersion
jblogeq1.0

CPE	Name	Operator	Version
	jblog	eq	1.0

References

osvdb.org/38561

secunia.com/advisories/26165

securityreason.com/securityalert/2919

www.securityfocus.com/archive/1/474320/100/0/threaded

www.securityfocus.com/bid/24991

www.vupen.com/english/advisories/2007/2611

exchange.xforce.ibmcloud.com/vulnerabilities/35550

www.exploit-db.com/exploits/4211