Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-4526

Опубликовано: 31 дек. 2009
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a "Send to friend" form.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:joao_ventura:print:5.x-4.0:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.1:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.2:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.3:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.4:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.5:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.6:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.7:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.8:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:5.x-4.x:dev:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc4:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc5:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc8:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.0:rc9:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.1:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.2:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.3:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.4:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.5:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.6:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.7:*:*:*:*:*:*:*
cpe:2.3:a:joao_ventura:print:6.x-1.x:dev:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.00595
Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

github логотип

GHSA-8pmh-q3r3-84r8

github
около 3 лет назад

The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a "Send to friend" form.

EPSS

Процентиль: 68%
0.00595
Низкий

5 Medium

CVSS2

Дефекты

CWE-264