Published: 21/09/2010 Updated: 22/09/2010

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

The comment module in Drupal 5.x prior to 5.23 and 6.x prior to 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
drupal drupal 5.4
drupal drupal 5.5
drupal drupal 5.6
drupal drupal 5.7
drupal drupal 5.20
drupal drupal 5.21
drupal drupal 5.22
drupal drupal 5.0
drupal drupal 5.12
drupal drupal 5.13
drupal drupal 5.14
drupal drupal 5.15
drupal drupal 5.1
drupal drupal 5.3
drupal drupal 5.8
drupal drupal 5.10
drupal drupal 5.17
drupal drupal 5.19
drupal drupal 5.2
drupal drupal 5.9
drupal drupal 5.11
drupal drupal 5.16
drupal drupal 5.18
drupal drupal 6.4
drupal drupal 6.5
drupal drupal 6.6
drupal drupal 6.7
drupal drupal 6.0
drupal drupal 6.12
drupal drupal 6.13
drupal drupal 6.14
drupal drupal 6.15
drupal drupal 6.16
drupal drupal 6.2
drupal drupal 6.9
drupal drupal 6.11
drupal drupal 6.1
drupal drupal 6.3
drupal drupal 6.8
drupal drupal 6.10
drupal drupal 6.17

Several vulnerabilities have been discovered in Drupal 6 a fully-featured content management framework The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3091 Several issues have been discovered in the OpenID module that allows malicious access to user accounts CVE-2010-3092 The upload module includes a ...

CWE-264 http://www.securityfocus.com/bid/42391 http://drupal.org/node/880476 http://marc.info/?l=oss-security&m=128440896914512&w=2 http://marc.info/?l=oss-security&m=128418560705305&w=2 http://www.debian.org/security/2010/dsa-2113 https://www.debian.org/security/./dsa-2113 https://nvd.nist.gov

CVE-2010-3093

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect