CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
65.2%
The Spider Video Player module for Drupal allows remote authenticated users with the “access Spider Video Player administration” permission to delete arbitrary files via a crafted URL.
Vendor | Product | Version | CPE |
---|---|---|---|
web-dorado | web-dorado_spider_video_player | * | cpe:2.3:a:web-dorado:web-dorado_spider_video_player:*:*:*:*:*:drupal:*:* |