CVE-2015-2087
26.02.2015, 15:59
Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via unspecified vectors.Enginsight
Vendor | Product | Version |
---|---|---|
avatar_uploader_project | avatar_uploader | 𝑥 ≤ 6.x-1.2 |
𝑥
= Vulnerable software versions