Description

Drupal 7.x before 7.16 allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server, related to "transient conditions."

Remediation

References

CVE-2012-4553

Related Vulnerabilities

Drupal Improper Input Validation Vulnerability (CVE-2007-6299)

ownCloud Improper Authentication Vulnerability (CVE-2014-2047)

WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.3.16)

WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)

Oracle Database Server CVE-2015-2595 Vulnerability (CVE-2015-2595)

Severity

Medium

Classification

CVE-2012-4553 CWE-264

Tags

Missing Update Known Vulnerabilities