6.4

CVE-2008-0569

EPSS 1.06%
Published 05.02.2008 02:00:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Drupal ≫ Comment Upload Module Version4.7

Drupal ≫ Comment Upload Module Version5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.06%	0.756

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://drupal.org/node/216024

http://drupal.org/node/216035

http://drupal.org/node/216036

http://secunia.com/advisories/28729

Vendor Advisory

http://www.securityfocus.com/bid/27544

http://www.vupen.com/english/advisories/2008/0374/references

https://nvd.nist.gov/vuln/detail/CVE-2008-0569

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0569

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0569

EUVD