CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

UbuntuCve•added 2007/10/12 9:17 p.m.•23 views

CVE-2007-5416

Drupal 5.2 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by invoking the drupaleval function through a callback parameter to t...

6.8CVSS6.1AI score0.06244EPSS

Exploits1References1

exploitpack•added 2007/10/10 12:0 a.m.•18 views

Drupal 5.2 - PHP Zend Hash ation Vector

Drupal 5.2 - PHP Zend Hash ation Vector Drupal = 5.2 PHP Zend Hash Vulnerability Exploitation Vector Example: http://www.example.com/drupal/?menucallbacks1callback=drupaleval&menuitemstype=-1&-312030023=1&q=1/?phpinfo; milw0rm.com 2007-10-10...

0.1AI score

Exploits0

Exploit DB•added 2007/10/10 12:0 a.m.•49 views

Drupal 5.2 - PHP Zend Hash ation Vector

Drupal = 5.2 PHP Zend Hash Vulnerability Exploitation Vector Example: http://www.example.com/drupal/?menucallbacks1callback=drupaleval&menuitemstype=-1&-312030023=1&q=1/?phpinfo; milw0rm.com 2007-10-10...

7AI score

Exploits0

securityvulns•added 2007/07/31 12:0 a.m.•37 views

[DRUPAL-SA-2007-017] Drupal 5.2 fixes multiple CSRF vulnerabilities

---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2007-017 ---------------------------------------------------------------------------- Project: Drupal core Version: 5.x Date: 2007-July-26 Security risk: Moderately critical Exploitable...

6.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by