CVE-2007-5270

Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.

Published: Oct 9, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5270
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
bendiken / boost_module_for_drupal	-	5.-1.0.x
bendiken / boost_module_for_drupal	-	4.7.-1.0.x

http://drupal.org/node/180591
http://osvdb.org/45493
http://osvdb.org/45494
https://exchange.xforce.ibmcloud.com/vulnerabilities/36939

Vulnerability Database

CVE-2007-5270