[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-2352

Date: (C)2010-06-21   (M)2017-08-18
 
CVSS Score: 5.0Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE











The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allows remote attackers to read controlled nodes.

Reference:
SECUNIA-40243
SECUNIA-40318
OSVDB-65615
ADV-2010-1546
FEDORA-2010-10127
FEDORA-2010-10176
FEDORA-2010-10200
cck-noderef-info-disc(59515)
http://drupal.org/node/829566

CWE    1
CWE-20

© 2013 SecPod Technologies