CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-5496

The pass2pdf module for Drupal does not restrict access to generated PDF files, which allows remote attackers to obtain user passwords via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.openwall.com/lists/oss-security/2015/07/04/4
http://www.securityfocus.com/bid/74755
https://www.drupal.org/node/2492205
http://www.openwall.com/lists/oss-security/2015/07/04/4
http://www.securityfocus.com/bid/74755
https://www.drupal.org/node/2492205

Products affected by CVE-2015-5496

Pass2pdf Project » Pass2pdf » Version: N/A

cpe:2.3:a:pass2pdf_project:pass2pdf:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5496

Products

Pricing

Contact Us