Description

Drupal 7.x before 7.16 allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server, related to "transient conditions."

Remediation

References

CVE-2012-4553

Related Vulnerabilities

WordPress Plugin Startklar Elementor Addons Directory Traversal (1.7.15)

WordPress Plugin PickPlugins Product Slider for WooCommerce Cross-Site Scripting (1.13.21)

WordPress Plugin Sell Media Cross-Site Request Forgery (2.5.5)

WordPress Plugin File Manager Remote Code Execution (4.5)

Drupal Improper Input Validation Vulnerability (CVE-2013-6389)

Severity

Medium

Classification

CVE-2012-4553 CWE-264

Tags

Missing Update Known Vulnerabilities