2 matches found
CVE-2007-5593
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified...
CVE-2007-5593
Drupal 5.x before 5.3 is vulnerable: if the configured database server is unreachable, an attacker can trigger arbitrary code execution by exploiting install.php vectors that cause settings.php to be modified. The issue is addressed by upgrading Drupal to 5.3 (e.g., Drupal 5.3-1 for the affected ...