Drupal » Drupal : Security Vulnerabilities, CVEs, Published In October 2008

CVE-2008-4793

The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.
Max CVSS
7.5
EPSS Score
0.54%
Published
2008-10-29
Updated
2017-08-08

CVE-2008-4792

The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.
Max CVSS
6.0
EPSS Score
0.22%
Published
2008-10-29
Updated
2018-11-02

CVE-2008-4791

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.
Max CVSS
6.0
EPSS Score
0.22%
Published
2008-10-29
Updated
2018-11-02

CVE-2008-4790

The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
Max CVSS
6.0
EPSS Score
0.28%
Published
2008-10-29
Updated
2017-08-08

CVE-2008-4789

The validation functionality in the core upload module in Drupal 6.x before 6.5 allows remote authenticated users to bypass intended access restrictions and "attach files to content," related to a "logic error."
Max CVSS
6.0
EPSS Score
0.17%
Published
2008-10-29
Updated
2017-08-08
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close