CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0505

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.7%

CVSS Severity

CVSS v2 Score 8.5

References

Products affected by CVE-2007-0505

Drupal » Project » Version: 4.6

cpe:2.3:a:drupal:project:4.6
Drupal » Project » Version: 4.6_1.1

cpe:2.3:a:drupal:project:4.6_1.1
Drupal » Project » Version: 4.7

cpe:2.3:a:drupal:project:4.7
Drupal » Project » Version: 4.7_1.1

cpe:2.3:a:drupal:project:4.7_1.1
Drupal » Project » Version: 4.7_2.1

cpe:2.3:a:drupal:project:4.7_2.1
Drupal » Project » Version: 5.0

cpe:2.3:a:drupal:project:5.0
Drupal » Project Issue Tracking Module » Version: 4.7

cpe:2.3:a:drupal:project_issue_tracking_module:4.7
Drupal » Project Issue Tracking Module » Version: 4.7_1.1

cpe:2.3:a:drupal:project_issue_tracking_module:4.7_1.1
Drupal » Project Issue Tracking Module » Version: 4.7_2.1

cpe:2.3:a:drupal:project_issue_tracking_module:4.7_2.1
Drupal » Project Issue Tracking Module » Version: 5.0

cpe:2.3:a:drupal:project_issue_tracking_module:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0505

Products

Pricing

Contact Us