Filtered by vendor Lightblog
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0632 | 1 Lightblog | 1 Lightblog | 2024-11-21 | 9.3 HIGH | N/A |
Unrestricted file upload vulnerability in cp_upload_image.php in LightBlog 9.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the blog's root directory. | |||||
CVE-2007-5374 | 1 Lightblog | 1 Lightblog | 2024-11-21 | 6.5 MEDIUM | N/A |
cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account. |