CVE-2007-0505

Currently unrated

Key Information:

Vendor: Drupal
Status: Project Issue Tracking Module; Project
Vendor: CVE Published:; 26 January 2007

Summary

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue.

References

http://secunia.com/advisories/23887

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/22224

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/31729

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 26, 2007
Vulnerability Reserved
Jan 25, 2007