2 matches found
CVE-2008-3000
The vulnerability CVE-2008-3000 affects Drupal’s Aggregation module (5.x) prior to 5.x-4.4 when node access modules are enabled. The issue is a faulty access-control implementation that may allow remote attackers to bypass restrictions and access areas they should not reach. The description and m...
CVE-2008-3001
CVE-2008-3001 affects Drupal’s Aggregation module (5.x) prior to 5.x-4.4. A crafted feed enables uploading files with arbitrary extensions, which could lead to remote code execution. Impact is described as remote attacker access with potentially complete compromise. A patch is available in 5.x-4....