The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions.
Max CVSS
9.3
EPSS Score
3.73%
Published
2008-07-03
Updated
2017-08-08
Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote attackers to access the administration pages via unknown attack vectors.
Max CVSS
10.0
EPSS Score
1.15%
Published
2008-02-19
Updated
2017-08-08
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Max CVSS
10.0
EPSS Score
0.79%
Published
2008-02-05
Updated
2011-03-08
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
Max CVSS
8.5
EPSS Score
0.37%
Published
2008-01-15
Updated
2017-08-08
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!