Unrated severityNVD Advisory· Published Oct 19, 2007· Updated Apr 23, 2026

CVE-2007-5593

Description

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.

Affected products

Drupal/Drupal
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
Range: >=5.0,<5.3
Fedoraproject/Fedora
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drupal.org/files/sa-2007-025/SA-2007-025-5.2.patchnvdPatchVendor Advisory
drupal.org/node/184316nvdVendor Advisory
secunia.com/advisories/27290nvdThird Party Advisory
secunia.com/advisories/27352nvdThird Party Advisory
www.securityfocus.com/bid/26119nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/37265nvdThird Party AdvisoryVDB Entry
www.redhat.com/archives/fedora-package-announce/2007-October/msg00328.htmlnvdThird Party Advisory
osvdb.org/39648nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000