Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2008-08-27	CVE-2008-3745	Permissions, Privileges, and Access Controls vulnerability in Drupal and Upload Module The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors. network low complexity drupal CWE-264	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.