CVE-2008-4790

EPSS 0.24% · P48 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-4790

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Drupal核心上传模块安全绕过漏洞.

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Drupal中的核心上传模块允许远程认证用户借助未知向量，绕过设置的访问限制，读取"依附于内容的文件" 。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-4790

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-4790

请登录查看更多情报信息。

http://drupal.org/node/318706x_refsource_CONFIRM
http://secunia.com/advisories/32198third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/32200third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/45758vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-4790

Same Patch Batch · n/a · 2008-10-29 · 17 CVEs total

CVE-2008-4787		Microsoft Internet Explorer拒绝服务攻击漏洞
CVE-2008-4788		Microsoft IE NBSP地址栏URL欺骗漏洞
CVE-2008-4789		Drupal 核心上传模块限许可和访问权限漏洞
CVE-2008-4791		Drupal 用户模块安全绕过漏洞
CVE-2008-4792		Drupal 核心BlogAPI模块安全绕过漏洞
CVE-2008-4793		Drupal节点模块API安全绕过漏洞
CVE-2008-4777		Joomla! 和Mambo Joomlearn LMS 组件 'cat' 参数SQL注入漏洞
CVE-2008-4778		dream4 koobi_cms galid参数SQL注入漏洞
CVE-2008-4779		TUGzip .zip文件解析栈溢出漏洞
CVE-2008-4780		Graphiks MyForum 'centre.php' 本地文件包含漏洞
CVE-2008-4781		MyKtools 'update.php' 本地文件包含漏洞
CVE-2008-4782		aiocp 'cp_polls_results.php' SQL注入漏洞
CVE-2008-4783		tlAds Cookie tlAds_login参数身份认证绕过漏洞
CVE-2008-4784		aflog Cookie身份认证绕过漏洞
CVE-2008-4785		e107 CMS 'alternate_profiles'插件 'newuser.php' SQL注入漏洞
CVE-2008-4786		e107 CMS EasyShop 插件'easyshop.php' SQL注入漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-4790

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2008-4790

I. Basic Information for CVE-2008-4790

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-4790

III. Intelligence Information for CVE-2008-4790

Same Patch Batch · n/a · 2008-10-29 · 17 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2008-4790

Leave a comment