install.php in Drupal 5.x prior to 5.3, when the configured database server is not reachable, allows remote malicious users to execute arbitrary code via vectors that cause settings.php to be modified.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal |
||
fedoraproject fedora 7 |