Vulnerabilities > CVE-2007-5270 - Unspecified vulnerability in Bendiken Boost Module FOR Drupal

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

bendiken

NVD

Published: 2007-10-08

Updated: 2017-07-29

Summary

Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Bendiken Bendiken Boost Module FOR Drupal *	1

References

http://drupal.org/node/180591
http://osvdb.org/45493
http://osvdb.org/45494
https://exchange.xforce.ibmcloud.com/vulnerabilities/36939