CVE-2007-2160

Currently unrated

Key Information:

Vendor: Drupal
Status: Database Administration Module
Vendor: CVE Published:; 22 April 2007

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476.

References

http://secunia.com/advisories/24848

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/34962

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2007/1360

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 22, 2007
Vulnerability Reserved
Apr 22, 2007