Skip to main content

Values

1 CVEs product

Monthly

CVE-2015-8761 CRITICAL PATCH Act Now

The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the "Import value sets" permission to execute arbitrary PHP code via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE PHP Code Injection Values
NVD
CVSS 3.0
9.0
EPSS
0.3%
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the "Import value sets" permission to execute arbitrary PHP code via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE PHP Code Injection +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy