← back
CVE-2007-5593

CVE-2007-5593

EPSS 3.8%
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://drupal.org/files/sa-2007-025/SA-2007-025-5.2.patchhttp://drupal.org/node/184316http://osvdb.org/39648http://secunia.com/advisories/27290http://secunia.com/advisories/27352https://exchange.xforce.ibmcloud.com/vulnerabilities/37265https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00328.htmlhttp://www.securityfocus.com/bid/26119