Vulnerabilities > CVE-2006-5476 - Unspecified vulnerability in Drupal

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

drupal

NVD

Published: 2006-10-24

Updated: 2018-10-17

Summary

Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Drupal Drupal Drupal 4.6.0 Drupal Drupal 4.6.5 Drupal Drupal 4.7.2 Drupal Drupal 4.6.9 Drupal Drupal 4.6.2 Drupal Drupal 4.6.8 Drupal Drupal 4.7.3 Drupal Drupal 4.6.3 Drupal Drupal 4.6.4 Drupal Drupal 4.7.0 Drupal Drupal 4.6.7 Drupal Drupal 4.6.1 Drupal Drupal 4.7.1 Drupal Drupal 4.6.6	14

References

http://drupal.org/node/88828
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.025-drupal.html
http://secunia.com/advisories/22486
http://securityreason.com/securityalert/1765
http://www.vupen.com/english/advisories/2006/4120
https://exchange.xforce.ibmcloud.com/vulnerabilities/29679
http://www.securityfocus.com/archive/1/449199/100/0/threaded