Описание
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors.
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-2302
- http://drupal.org/node/1546224
- http://drupal.org/node/1547686
- http://drupalcode.org/project/sitedoc.git/commitdiff/521721c
- http://www.openwall.com/lists/oss-security/2012/05/03/1
- http://www.openwall.com/lists/oss-security/2012/05/03/2
- http://www.osvdb.org/81555
Связанные уязвимости
nvd
почти 13 лет назад
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors.