Vulnerabilities > CVE-2007-0505 - Unspecified vulnerability in Drupal Project and Project Issue Tracking Module

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

drupal

NVD

Published: 2007-01-26

Updated: 2024-11-21

Summary

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue.

Vulnerable Configurations

Part	Description	Count
Application	Drupal Drupal Project Issue Tracking Module 4.7 Drupal Project Issue Tracking Module 5.0 Drupal Project Issue Tracking Module 4.7_2.1 Drupal Project Issue Tracking Module 4.7_1.1 Drupal Project 5.0 Drupal Project 4.7_2.1 Drupal Project 4.6 Drupal Project 4.7_1.1 Drupal Project 4.6_1.1 Drupal Project 4.7	10

References

http://drupal.org/node/112146
http://drupal.org/node/112146
http://osvdb.org/32134
http://osvdb.org/32134
http://secunia.com/advisories/23887
http://secunia.com/advisories/23887
http://www.securityfocus.com/bid/22224
http://www.securityfocus.com/bid/22224
http://www.vupen.com/english/advisories/2007/0312
http://www.vupen.com/english/advisories/2007/0312
https://exchange.xforce.ibmcloud.com/vulnerabilities/31729
https://exchange.xforce.ibmcloud.com/vulnerabilities/31729