vendor:
MyBlog
by:
BlackHawk
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: MyBlog
Affected Version From: 2000.9.8
Affected Version To: 2000.9.8
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
MyBlog Authentication Bypass Vulnerability
Attackers can exploit this issue to bypass the authentication mechanism and then access or overwrite files with arbitrary PHP script code. Script code added to certain files are later included for execution, allowing the attacker to execute arbitrary PHP script code.
Mitigation:
Upgrade to a version higher than 0.9.8
