CVE-2008-0569
First published: Tue Feb 05 2008(Updated: )
The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Drupal Comment Upload Module | =4.7 | |
| Drupal Comment Upload Module | =5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-0569?
CVE-2008-0569 is classified as a critical vulnerability due to its potential to allow remote attackers to execute arbitrary code.
How do I fix CVE-2008-0569?
To fix CVE-2008-0569, update the Drupal Comment Upload module to the latest version available.
What versions of Drupal are affected by CVE-2008-0569?
CVE-2008-0569 affects the Comment Upload module versions prior to 4.7.x-0.1 and 5.x-0.1.
What can an attacker do with CVE-2008-0569?
An attacker exploiting CVE-2008-0569 can bypass upload validation and upload arbitrary and potentially malicious files.
Is CVE-2008-0569 specific to any Drupal modules?
Yes, CVE-2008-0569 specifically affects the Comment Upload module in Drupal.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/drupal
- canonical/drupal comment upload module
- version/drupal comment upload module/4.7
- version/drupal comment upload module/5.0