Drupal : Security Vulnerabilities, CVEs, Published In August 2008 (Code Execution)
Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated.
Max CVSS
6.5
EPSS Score
1.44%
Published
2008-08-27
Updated
2017-08-08
1 vulnerabilities found