Drupal Live CSS Module Arbitrary PHP Code Execution Vulnerability

The Live CSS module for Drupal is prone to an arbitrary PHP code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary PHP code within the context of the web server.

The following versions are vulnerable:

Live CSS 6.x-2.x versions prior to 6.x-2.1
Live CSS 7.x-2.x versions prior to 7.x-2.7


 

Privacy Statement
Copyright 2010, SecurityFocus