Описание
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- PatchVendor Advisory
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0 (включая) до 5.3 (исключая)
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03096
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
почти 18 лет назад
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
debian
почти 18 лет назад
install.php in Drupal 5.x before 5.3, when the configured database ser ...
github
больше 3 лет назад
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
EPSS
Процентиль: 86%
0.03096
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94