QwikSec

Security Database

CVE

CWE

Training

CVE-2015-5501

Published: Aug 18, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The Hostmaster (Aegir) module 6.x-2.x before 6.x-2.4 and 7.x-3.x before 7.x-3.0-beta2 for Drupal allows remote attackers to execute arbitrary PHP code via a crafted file in the directory used to write Apache vhost files for hosted sites in a multi-site environment.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.drupal.org/node/2492317

x_refsource_MISC

vdb-entry

x_refsource_BID

http://community.aegirproject.org/3.0-beta2

x_refsource_CONFIRM

[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)

mailing-list

x_refsource_MLIST

http://community.aegirproject.org/2.4

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.