CVE-2007-3974 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-3974

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to create arbitrary accounts via modified mot and droit parameters.

Affected Software

Name	Vendor	Start Version	End Version
Jblog	Jblog	1.0 (including)	1.0 (including)

References

http://osvdb.org/38561
http://secunia.com/advisories/26165
http://securityreason.com/securityalert/2919
http://www.securityfocus.com/archive/1/474320/100/0/threaded
http://www.securityfocus.com/bid/24991
http://www.vupen.com/english/advisories/2007/2611
https://exchange.xforce.ibmcloud.com/vulnerabilities/35550
https://www.exploit-db.com/exploits/4211