Description

Drupal 7.x before 7.16 allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server, related to "transient conditions."

Remediation

References

CVE-2012-4553

Related Vulnerabilities

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1761)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Open Redirect (4.4.1)

MongoDb Out-of-bounds Read Vulnerability (CVE-2017-14227)

PHP HTML entity encoder heap overflow vulnerability

PHP Other Vulnerability (CVE-2011-0421)

Severity

Medium

Classification

CVE-2012-4553 CWE-264

Tags

Missing Update Known Vulnerabilities