Lucene search
K

Drupal avatar_uploader arbitrary file download vulnerability

🗓️ 09 Apr 2018 00:00:00Reported by China National Vulnerability DatabaseType 
cnvd
 cnvd
🔗 www.cnvd.org.cn👁 5 Views

Drupal avatar_uploader 7.x-1.0-beta8 allows arbitrary file download via unvalidated users and file paths.

Related
Refs
ReporterTitlePublishedViews
Family
0day.today
Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download Vulnerability
22 Apr 201800:00
zdt
ATTACKERKB
CVE-2018-9205
4 Apr 201815:29
attackerkb
Circl
CVE-2018-9205
23 Dec 202400:00
circl
CVE
CVE-2018-9205
4 Apr 201815:00
cve
Cvelist
CVE-2018-9205
4 Apr 201815:00
cvelist
Dsquare
Drupal Avatar Uploader File Disclosure
19 May 201800:00
dsquare
Exploit DB
Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure
23 Apr 201800:00
exploitdb
exploitpack
Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure
23 Apr 201800:00
exploitpack
Nuclei
Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion
9 Jul 202603:01
nuclei
NVD
CVE-2018-9205
4 Apr 201815:29
nvd
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 May 2018 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 37.5
EPSS0.56924
5