CVE-2008-3001

2008-07-03T18:41:00
ID CVE-2008-3001
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:31:00

Description

The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions. Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.