Lucene search

K
cvelistMitreCVELIST:CVE-2015-2087
HistoryOct 03, 2022 - 4:16 p.m.

CVE-2015-2087

2022-10-0316:16:11
mitre
www.cve.org
drupal
file upload
remote code execution
avatar uploader
cve-2015-2087

AI Score

7.3

Confidence

Low

EPSS

0.003

Percentile

71.4%

Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via unspecified vectors.

AI Score

7.3

Confidence

Low

EPSS

0.003

Percentile

71.4%

Related for CVELIST:CVE-2015-2087