Drupal Nodefamily Module Security Bypass Vulnerability
BID:22853
Info
Drupal Nodefamily Module Security Bypass Vulnerability
| Bugtraq ID: | 22853 |
| Class: | Unknown |
| CVE: |
CVE-2007-1360 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 07 2007 12:00AM |
| Updated: | May 12 2015 07:33PM |
| Credit: | Ryan C is credited with the discovery of this issue. |
| Vulnerable: |
Drupal Nodefamily 4.7.1-1.0 |
| Not Vulnerable: |
Drupal Nodefamily 5.1-1.0 |
Discussion
Drupal Nodefamily Module Security Bypass Vulnerability
Drupal Nodefamily is prone to a security-bypass vulnerability.
A remote attacker can exploit this issue to gain unauthorized access to the profiles of other users. This may lead to other attacks.
Nodefamily versions before Drupal 5.x-1.0 are affected by this issue.
Drupal Nodefamily is prone to a security-bypass vulnerability.
A remote attacker can exploit this issue to gain unauthorized access to the profiles of other users. This may lead to other attacks.
Nodefamily versions before Drupal 5.x-1.0 are affected by this issue.
Exploit / POC
Drupal Nodefamily Module Security Bypass Vulnerability
Attackers may exploit this issue using a browser.
Attackers may exploit this issue using a browser.
Solution / Fix
Drupal Nodefamily Module Security Bypass Vulnerability
Solution:
The vendor has released version Nodefamily for Drupal 5.x-1.0. to address this issue. Please see the references for more information.
Solution:
The vendor has released version Nodefamily for Drupal 5.x-1.0. to address this issue. Please see the references for more information.
References
Drupal Nodefamily Module Security Bypass Vulnerability
References:
References:
- Drupal Modules Home Page (Drupal)
- Drupal Project Home Page (Drupal )