Описание
The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
cpe:2.3:a:drupal:upload_module:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00939
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
почти 17 лет назад
The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors.
debian
почти 17 лет назад
The Upload module in Drupal 6.x before 6.4 allows remote authenticated ...
github
больше 3 лет назад
The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors.
EPSS
Процентиль: 75%
0.00939
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264