CVE-2007-3974

JBlog 1.0 - RCE

Title source: llm

Description

admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to create arbitrary accounts via modified mot and droit parameters.

Exploits (2)

exploitdb WORKING POC VERIFIED
by s4mi · htmlwebappsphp
https://www.exploit-db.com/exploits/4211
exploitdb WORKING POC
perlwebappsphp
https://www.exploit-db.com/exploits/4408

References (8)

Scores

EPSS 0.3436
EPSS Percentile 97.0%

Details

Status published
Products (1)
jblog/jblog 1.0
Published Jul 25, 2007
Tracked Since Feb 18, 2026