Описание
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- PatchVendor Advisory
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0 (включая) до 5.3 (исключая)
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02349
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
больше 17 лет назад
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
debian
больше 17 лет назад
install.php in Drupal 5.x before 5.3, when the configured database ser ...
github
около 3 лет назад
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
EPSS
Процентиль: 84%
0.02349
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94