Description

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.

Remediation

References

CVE-2007-5593

Related Vulnerabilities

SharePoint CVE-2020-16953 Vulnerability (CVE-2020-16953)

WordPress Plugin WordPress Clean Up & Optimizer-Clean Up Optimizer Multiple Unspecified Vulnerabilities (4.0.12)

WordPress Plugin 3xSocializer Cross-Site Scripting (0.98.22)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-19048)

Joomla! Core 2.5.x Arbitrary File Upload (2.5.0 - 2.5.13)

Severity

Medium

Classification

CVE-2007-5593 CWE-94

Tags

Missing Update Known Vulnerabilities