Description

Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."

Remediation

References

CVE-2005-1871

Related Vulnerabilities

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29206)

Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10839)

WordPress Plugin WP User Manager-User Profile Builder & Membership Security Bypass (2.6.2)

Jboss EAP Other Vulnerability (CVE-2023-3629)

WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1)

Severity

High

Classification

CVE-2005-1871

Tags

Missing Update Known Vulnerabilities