CVE-2008-4789

The validation functionality in the core upload module in Drupal 6.x before 6.5 allows remote authenticated users to bypass intended access restrictions and "attach files to content," related to a "logic error."
Configurations

Configuration 1

cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:rc-2:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:rc-1:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:rc-3:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:rc-4:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*

Information

Published : 2008-10-29 03:31

Updated : 2017-08-08 01:32


NVD link : CVE-2008-4789

Mitre link : CVE-2008-4789

Products Affected
No products.
CWE