VYPR
Unrated severityNVD Advisory· Published Jan 26, 2007· Updated Jun 16, 2026

CVE-2007-0505

CVE-2007-0505

Description

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • Drupal/Project6 versions
    cpe:2.3:a:drupal:project:4.6:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:drupal:project:4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project:4.6_1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project:4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project:4.7_1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project:4.7_2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project:5.0:*:dev:*:*:*:*:*
  • cpe:2.3:a:drupal:project_issue_tracking_module:4.7:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:drupal:project_issue_tracking_module:4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project_issue_tracking_module:4.7_1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project_issue_tracking_module:4.7_2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:project_issue_tracking_module:5.0:*:dev:*:*:*:*:*
    • (no CPE)range: 4.7.0 through 5.x before 20070123

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.