Main
Vulnerability Database
Exploits
ID:7 - Exploit for Information disclosure in Drupal - CVE-2012-4554
ID:7 - Exploit for Information disclosure in Drupal - CVE-2012-4554
Published: March 18, 2020
Vulnerability identifier: #VU468
Vulnerability risk: Low
CVE-ID: CVE-2012-4554
CWE-ID: CWE-200
Exploitation vector: Local access
Vulnerable software:
Drupal
Drupal
Link to public exploit:
Vulnerability description
The vulnerability allows a remote user to obtain potentially sensitive information in local filesystem.
The weakness consists in attempts to log in to the local system site by using a malicious OpenID server for important data reading.
Successful exploitation of the vulnerability allows a malicious user to view potentially sensitive information.
The weakness consists in attempts to log in to the local system site by using a malicious OpenID server for important data reading.
Successful exploitation of the vulnerability allows a malicious user to view potentially sensitive information.