Description

Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."

Remediation

References

CVE-2005-1871

Related Vulnerabilities

PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1169)

WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Multiple Cross-Site Scripting Vulnerabilities (9.7.3)

WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)

WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19436)

Python Incorrect Type Conversion or Cast Vulnerability (CVE-2020-10735)

Severity

High

Classification

CVE-2005-1871

Tags

Missing Update Known Vulnerabilities