CVE-2007-5818 — HIGH (7.6) — White Hats Nepal

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators.

CVSS Score

7.6

HIGH

AV:N/AC:H/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Sblog	Sblog	0.7.3_beta

Related Weaknesses (CWE)

CWE-352

References

http://0x90.com.ar/Advisory/20071031.txt
http://secunia.com/advisories/27485
http://securityreason.com/securityalert/3341
http://www.securityfocus.com/archive/1/483108/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/38216
http://0x90.com.ar/Advisory/20071031.txt
http://secunia.com/advisories/27485
http://securityreason.com/securityalert/3341
http://www.securityfocus.com/archive/1/483108/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/38216

FAQ

What is CVE-2007-5818?

CVE-2007-5818 is a vulnerability with a CVSS score of 7.6 (HIGH). Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators.

How severe is CVE-2007-5818?

CVE-2007-5818 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-5818?

Check the references section above for vendor advisories and patch information. Affected products include: Sblog Sblog.