Directory Traversal Vulnerability in IMCE Module for Drupal
CVE-2006-7110

Currently unrated

Key Information:

Vendor

Drupal
Status
Imce Module
Vendor
CVE Published:
5 March 2007

What is CVE-2006-7110?

The IMCE module for Drupal prior to version 1.6 contains a directory traversal vulnerability in its delete function. This flaw enables remote authenticated users to exploit the module by manipulating file paths, specifically through the use of '..' sequences. As a result, these users can delete arbitrary files on the server, potentially leading to significant data loss or further exploits. It is crucial for database administrators and developers using this module to apply the necessary updates to safeguard against unauthorized file manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/29324
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/20312
vdb-entryx_refsource_BID
http://drupal.org/node/87101
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.