Unrestricted File Upload Vulnerability in Project Issue Tracking for Drupal
CVE-2007-0505

Currently unrated

Key Information:

Vendor

Drupal
Status
Project Issue Tracking Module
Project
Vendor
CVE Published:
26 January 2007

What is CVE-2007-0505?

The Project issue tracking module for Drupal versions 4.7.0 through 5.x before January 23, 2007, contains an unrestricted file upload vulnerability. This flaw allows remote authenticated users to upload files with executable or multiple extensions, potentially leading to arbitrary code execution on the server. Attackers can leverage this vulnerability to exploit the system by attaching files to project issues, threatening the security and integrity of the affected Drupal installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/23887
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22224
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/31729
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.