CVE-2008-4790

CVE-2008-4790

EPSS 1.0%

The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://drupal.org/node/318706 http://secunia.com/advisories/32198 http://secunia.com/advisories/32200 https://exchange.xforce.ibmcloud.com/vulnerabilities/45758 http://www.openwall.com/lists/oss-security/2008/10/21/7