Количество 3
Количество 3
CVE-2019-19826
The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible.
GHSA-xcx8-qfq7-xq62
The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible.
BDU:2020-00575
Уязвимость компонента handlers/views_handler_filter_dynamic_fields.inc модуля Views Dynamic Fields CMS-системы Drupal, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-19826 The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible. | CVSS3: 9.8 | 2% Низкий | около 6 лет назад |
| GHSA-xcx8-qfq7-xq62 The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal makes insecure unserialize calls in handlers/views_handler_filter_dynamic_fields.inc, as demonstrated by PHP object injection, involving a field_names object and an Archive_Tar object, for file deletion. Code execution might also be possible. | 2% Низкий | больше 3 лет назад | |
 | BDU:2020-00575 Уязвимость компонента handlers/views_handler_filter_dynamic_fields.inc модуля Views Dynamic Fields CMS-системы Drupal, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 2% Низкий | около 6 лет назад |
Уязвимостей на страницу