CVE-2007-1033

CVE-2007-1033 affects the Drupal Secure site module (versions 4.7.x-1.x-dev and 5.x-1.x-dev). The issue permits remote attackers to bypass access restrictions by requesting a crafted URL, enabling partial confidentiality/integrity/availability impact as indicated by the CVSS vector (AV:N/AC:L/Au:...

CVE-2008-0568

The CVE-2008-0568 entry concerns the Drupal Secure Site module (versions 5.x-1.0 and 4.7.x-1.0) with an IP-authentication weakness that lets remote attackers gain the privileges of a user authenticated behind the same proxy. The available descriptions do not specify the root cause details, affect...