CVE-2008-2271

EUVD-2008-2268
The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
site_documentation_projectsite_documentation
5.x-1.0 ≤
𝑥
< 5.x-1.8
site_documentation_projectsite_documentation
6.x-1.0 ≤
𝑥
< 6.x-1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/258547
http://secunia.com/advisories/30257
http://www.securityfocus.com/bid/29242
http://www.vupen.com/english/advisories/2008/1541/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42453
http://drupal.org/node/258547
http://secunia.com/advisories/30257
http://www.securityfocus.com/bid/29242
http://www.vupen.com/english/advisories/2008/1541/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42453