Lucene search
MitreCVELIST:CVE-2016-7572HistoryOct 03, 2016 - 6:00 p.m.
CVE-2016-7572
2016-10-0318:00:00
mitre
www.cve.org
1
The system.temporary route in Drupal 8.x before 8.1.10 does not properly check for “Export configuration” permission, which allows remote authenticated users to bypass intended access restrictions and read a full config export via unspecified vectors.
Related
prion
prion
Code injection
2016-10-03 18:59:00
ubuntucve
ubuntucve
CVE-2016-7572
2016-10-03 00:00:00
osv
osv
Drupal Unprivileged access to config export
2022-05-17 03:47:57
friendsofphp
friendsofphp
Full config export can be downloaded without administrative permissions
2016-09-21 18:39:00
Full config export can be downloaded without administrative permissions
2016-09-21 18:39:00
github
github
Drupal Unprivileged access to config export
2022-05-17 03:47:57
cve
cve
CVE-2016-7572
2016-10-03 18:59:18
checkpoint_advisories
checkpoint_advisories
Drupal Sensitive Core Files Information Disclosure (CVE-2016-7572)
2016-10-06 00:00:00
nvd
nvd
CVE-2016-7572
2016-10-03 18:59:18
debiancve
debiancve
CVE-2016-7572
2016-10-03 18:59:00
drupal
drupal
Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2016-004
2016-09-21 00:00:00
openvas
openvas
Drupal Multiple Vulnerabilities (SA-CORE-2016-004) - Linux
2016-10-07 00:00:00
Drupal Multiple Vulnerabilities (SA-CORE-2016-004) - Windows
2016-10-07 00:00:00
nessus
nessus
Drupal 8.2.x < 8.2.0-rc2 Multiple Vulnerabilities
2018-11-05 00:00:00
Drupal 8.1.x < 8.1.10 Multiple Vulnerabilities
2016-10-28 00:00:00
Drupal 8.x < 8.1.10 Multiple Vulnerabilities
2018-11-05 00:00:00