Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-2077

Опубликовано: 16 июн. 2009
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote authenticated users to bypass access restrictions and (1) read unpublished content from anonymous users when a view is already configured to display the content, and (2) read private content in generated queries.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:angrydonuts:views:6.x-2.0:*:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:beta4:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:rc4:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.0:rc5:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.1:*:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.2:*:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.3:*:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.4:*:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.5:*:*:*:*:*:*:*
cpe:2.3:a:angrydonuts:views:6.x-2.x:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

EPSS

Процентиль: 40%
0.00179
Низкий

4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

debian логотип

CVE-2009-2077

debian
около 16 лет назад

Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote authenti ...

github логотип

GHSA-fph5-grvq-gv75

github
около 3 лет назад

Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote authenticated users to bypass access restrictions and (1) read unpublished content from anonymous users when a view is already configured to display the content, and (2) read private content in generated queries.

EPSS

Процентиль: 40%
0.00179
Низкий

4 Medium

CVSS2

Дефекты

CWE-264