6.4
CVE-2007-4047
- EPSS 3.28%
- Veröffentlicht 27.07.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:43:18
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LogingeoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.28% | 0.868 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:P
|
http://osvdb.org/42485
http://osvdb.org/42486
http://osvdb.org/42487
http://securityreason.com/securityalert/2934
http://www.securityfocus.com/archive/1/474127/100/0/threaded
http://www.securityfocus.com/bid/24966
https://exchange.xforce.ibmcloud.com/vulnerabilities/35494