Drupal : Security vulnerabilities, CVEs published in February 2007

Copy

CVE-2007-1035

Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.

Max CVSS

7.5

EPSS Score

2.46%

Published

2007-02-21

Updated

2017-07-29

CVE-2007-1033

Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows remote attackers to bypass access restrictions via a crafted URL.

Max CVSS

7.5

EPSS Score

1.19%

Published

2007-02-21

Updated

2017-07-29

CVE-2007-0658

The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION.

Max CVSS

5.0

EPSS Score

8.28%

Published

2007-02-01

Updated

2017-07-29

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!