Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify "nodes or classes of nodes" via unknown vectors, probably related to registered procedures (aka actions).
2009-06-27T18:47:59.203
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | drupal | drupal | * | No |
| Application | karim_ratib | views_bulk_operations | 5.x-1.0 | Yes |
| Application | karim_ratib | views_bulk_operations | 5.x-1.1 | Yes |
| Application | karim_ratib | views_bulk_operations | 5.x-1.2 | Yes |
| Application | karim_ratib | views_bulk_operations | 5.x-1.3 | Yes |
| Application | karim_ratib | views_bulk_operations | 6.x-1.0 | Yes |
| Application | karim_ratib | views_bulk_operations | 6.x-1.1 | Yes |
| Application | karim_ratib | views_bulk_operations | 6.x-1.2 | Yes |
| Application | karim_ratib | views_bulk_operations | 6.x-1.3 | Yes |
| Application | karim_ratib | views_bulk_operations | 6.x-1.4 | Yes |