Vulnerabilities > Lightblog
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-06 | CVE-2008-0632 | Permissions, Privileges, and Access Controls vulnerability in Lightblog 9.5 Unrestricted file upload vulnerability in cp_upload_image.php in LightBlog 9.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the blog's root directory. | 9.3 |
| 2007-10-11 | CVE-2007-5374 | Improper Authentication vulnerability in Lightblog 8.4.1.1 cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account. | 6.5 |