Description

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.

Remediation

References

CVE-2007-5593

Related Vulnerabilities

MySQL CVE-2021-35636 Vulnerability (CVE-2021-35636)

WordPress Plugin Easy Banners Cross-Site Scripting (1.4)

WordPress 2.2 Multiple Vulnerabilities (2.2)

Apache HTTP Server CVE-2004-0809 Vulnerability (CVE-2004-0809)

WordPress Plugin Real-Time Find and Replace Cross-Site Scripting (3.8)

Severity

Medium

Classification

CVE-2007-5593 CWE-94

Tags

Missing Update Known Vulnerabilities