Description

Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, does not implement access control for the page that is referenced, which might allow remote attackers to access administrator pages.

Remediation

References

CVE-2006-1227

Related Vulnerabilities

Oracle JRE CVE-2013-5777 Vulnerability (CVE-2013-5777)

Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167)

WordPress Plugin WP Post Popup Directory Traversal (2.0)

Oracle HTTP Server Other Vulnerability (CVE-2006-5348)

WordPress Plugin My WordPress Login Logo Multiple Unspecified Vulnerabilities (2.1)

Severity

Medium

Classification

CVE-2006-1227

Tags

Missing Update Known Vulnerabilities