Описание
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- PatchVendor Advisory
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0 (включая) до 5.3 (исключая)
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02505
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
больше 18 лет назад
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
debian
больше 18 лет назад
install.php in Drupal 5.x before 5.3, when the configured database ser ...
github
почти 4 года назад
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
EPSS
Процентиль: 85%
0.02505
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94