CVE-2007-1432 Information

Feb 14, 2021 cve

Description

Grayscale Blog 0.8.0 and possibly earlier versions allows remote attackers to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php and unspecified parameters to (2) addblog.php (3) editblog.php (4) editlinks.php (5) edit_users.php and (6) add_links.php.

Reference

http://securityreason.com/securityalert/2417 http://www.securityfocus.com/archive/1/462441/100/0/threaded http://www.securityfocus.com/bid/22911 http://www.vupen.com/english/advisories/2007/0916

Share on: