Unrestricted Access to Configuration Options in Node Parameter Control Module for Drupal

Unrestricted Access to Configuration Options in Node Parameter Control Module for Drupal

CVE-2013-1859 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

The Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the configuration options, which allows remote attackers to read and edit configuration options via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.