ID de Prueba:	1.3.6.1.4.1.25623.1.0.805966
Categoría:	Web application abuses
Título:	Drupal Multiple Vulnerabilities-02 August15 (Windows)
Resumen:	This host is running Drupal and is prone; to multiple vulnerabilities.
Descripción:	Summary: This host is running Drupal and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exixts as, - An error in the Ajax handler involving a whitelisted HTML element, possibly related to the 'a' tag. - An error in the SQL comment filtering system in the Database API. Vulnerability Impact: Successful exploitation will allow remote attackers to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data, and execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Affected Software/OS: Drupal 7.x before 7.39 on Windows. Solution: Upgrade to version 7.39 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6665 BugTraq ID: 76431 http://www.securityfocus.com/bid/76431 Debian Security Information: DSA-3346 (Google Search) http://www.debian.org/security/2015/dsa-3346 http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165733.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165674.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165724.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165695.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165840.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html https://www.drupal.org/node/2554145 http://www.securitytracker.com/id/1033358 Common Vulnerability Exposure (CVE) ID: CVE-2015-6659 BugTraq ID: 76432 http://www.securityfocus.com/bid/76432
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.