Description

Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting.

Remediation

References

CVE-2005-2106

Related Vulnerabilities

Oracle Application Server CVE-2009-1999 Vulnerability (CVE-2009-1999)

WordPress Plugin Feedify-Web Push Notifications Cross-Site Scripting (2.1.8)

Squid Improper Certificate Validation Vulnerability (CVE-2023-46724)

Contao Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10641)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3740)

Severity

Medium

Classification

CVE-2005-2106

Tags

Missing Update Known Vulnerabilities