Lucene search

K
prionPRIOn knowledge basePRION:CVE-2010-3092
HistorySep 21, 2010 - 8:00 p.m.

Design/Logic Flaw

2010-09-2120:00:00
PRIOn knowledge base
www.prio-n.com
6

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

51.4%

The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to bypass the intended restrictions on downloading a file by uploading a different file with a similar name.

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

51.4%