exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2015-6660

почти 10 лет назад

The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."

CVSS2: 6.8

EPSS: Низкий

CVE-2015-6660

почти 10 лет назад

The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."

CVSS2: 6.8

EPSS: Низкий

CVE-2015-6660

почти 10 лет назад

The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not pr ...

CVSS2: 6.8

EPSS: Низкий

GHSA-vfw4-2ffw-69gw

около 3 лет назад

The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-6660 The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."	CVSS2: 6.8	0% Низкий	почти 10 лет назад
CVE-2015-6660 The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."	CVSS2: 6.8	0% Низкий	почти 10 лет назад
CVE-2015-6660 The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not pr ...	CVSS2: 6.8	0% Низкий	почти 10 лет назад
GHSA-vfw4-2ffw-69gw The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."		0% Низкий	около 3 лет назад

Уязвимостей на страницу