 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts |
CVE-2008-0577 (Project Issue Tracking module)This is a discussion on "CVE-2008-0577 (Project Issue Tracking module)" within the Advisories part of the Computer Security: Discussions section; The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in ... |
 |
| | LinkBack | Thread Tools | Display Modes |
05-02-08
| |||
| |||
 CVE-2008-0577 (Project Issue Tracking module) The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal (1) does not restrict the extensions of attached files when the Upload module is enabled for issue nodes, which allows remote attackers to upload and possibly execute arbitrary files; and (2) accepts the .html extension within the bundled file-upload functional... More...  |
| Sponsor | ||
| ||
| |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| CVE-2008-0576 (Project Issue Tracking module) | Heap | Advisories | 0 | 05-02-08 19:29 |
