Back to search
CVE-2008-2271
Published: May 16, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
29242
vdb-entry
x_refsource_BID
http://drupal.org/node/258547
x_refsource_CONFIRM
site-access-content-info-disclosure(42453)
vdb-entry
x_refsource_XF
ADV-2008-1541
vdb-entry
x_refsource_VUPEN
30257
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now