Description

Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting.

Remediation

References

CVE-2005-2106

Related Vulnerabilities

Magento Improper Access Control Vulnerability (CVE-2021-21020)

WordPress Plugin WP Mapa Politico Espana Cross-Site Scripting (3.6.2)

MySQL CVE-2014-2430 Vulnerability (CVE-2014-2430)

phpMyFAQ Improper Authorization Vulnerability (CVE-2014-6049)

WordPress Plugin Under Construction Unspecified Vulnerability (3.85)

Severity

Medium

Classification

CVE-2005-2106

Tags

Missing Update Known Vulnerabilities