Drupal : Security Vulnerabilities, CVEs, Published In February 2007
Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.
Max CVSS
7.5
EPSS Score
2.46%
Published
2007-02-21
Updated
2017-07-29
Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows remote attackers to bypass access restrictions via a crafted URL.
Max CVSS
7.5
EPSS Score
1.19%
Published
2007-02-21
Updated
2017-07-29
The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION.
Max CVSS
5.0
EPSS Score
8.28%
Published
2007-02-01
Updated
2017-07-29
3 vulnerabilities found