Описание
The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:drupal:magic_tabs_module:5:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00619
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."
EPSS
Процентиль: 69%
0.00619
Низкий
7.5 High
CVSS2
Дефекты
CWE-94