CVE-2005-1871

Drupal 4.4.0-4.6.0 - Unauthenticated Privilege Escalation via Improper Input Validation

Title source: llm
STIX 2.1

Description

Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/17028
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/15372
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0010.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111782257601422&w=2

Scores

EPSS 0.0074
EPSS Percentile 73.2%

Details

Status published
Products (7)
drupal/drupal 4.4.0
drupal/drupal 4.4.1
drupal/drupal 4.4.2
drupal/drupal 4.5.0
drupal/drupal 4.5.1
drupal/drupal 4.5.2
drupal/drupal 4.6.0
Published Jun 09, 2005
Tracked Since Feb 18, 2026