Description

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.

Remediation

References

CVE-2008-4791

Related Vulnerabilities

WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (3.9.4)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4643)

WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download (0.7)

WordPress Plugin AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4)

MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)

Severity

Medium

Classification

CVE-2008-4791 CWE-264

Tags

Missing Update Known Vulnerabilities