Cross-Site Request Forgery Vulnerability in Drupal Database Administration Module
CVE-2007-2160

Currently unrated

Key Information:

Vendor: Drupal
Status: Database Administration Module
Vendor: CVE Published:; 22 April 2007

Summary

The Database Administration module for Drupal contains multiple vulnerabilities that allow attackers to exploit Cross-Site Request Forgery (CSRF) weaknesses. Specifically, these vulnerabilities enable remote attackers to perform unauthorized actions on behalf of an unsuspecting user. This issue primarily affects versions 4.6.x-* and earlier versions in the 4.7.x series before 4.7.x-1.2, posing significant security risks to Drupal installations. For further details, refer to the advisory links provided.

References

http://secunia.com/advisories/24848

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/34962

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2007/1360

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 22, 2007
Vulnerability Reserved
Apr 22, 2007