Description

Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, does not implement access control for the page that is referenced, which might allow remote attackers to access administrator pages.

Remediation

References

CVE-2006-1227

Related Vulnerabilities

WordPress Plugin Media from FTP PHP Object Injection (9.79)

Java Unspesificed Vulnerability (CVE-2018-2940)

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.2)

MySQL CVE-2014-6478 Vulnerability (CVE-2014-6478)

WordPress Plugin WP Shieldon-WordPress Firewall Cross-Site Scripting (1.6.3)

Severity

Medium

Classification

CVE-2006-1227

Tags

Missing Update Known Vulnerabilities