7.5
CVE-2007-5270
- EPSS 1.34%
- Veröffentlicht 08.10.2007 23:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUnspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bendiken ≫ Boost Module For Drupal Version <= 4.7.-1.0
Bendiken ≫ Boost Module For Drupal Version <= 5.-1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.675 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://drupal.org/node/180591
http://osvdb.org/45493
http://osvdb.org/45494
https://exchange.xforce.ibmcloud.com/vulnerabilities/36939