Drupal core Unrestricted Upload of File with Dangerous Type

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

GHSA-68JC-V27H-VHMW Drupal core Unrestricted Upload of File with Dangerous Type

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

CVE-2020-13671

Removed by vendor...

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

Drupal core - Critical - Remote code execution - SA-CORE-2020-012

Update November 18: Documented longer list of dangerous file extensions Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting...

PHP 5.2 Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21508/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This...

PHP 5.2.9 cURL - Safe_mode open_basedir Restriction Bypass

PHP 5.2.9 cURL - Safemode openbasedir Restriction Bypass source: https://www.securityfocus.com/bid/34475/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access files in unauthorized locations. This vulnerability...

PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' / 'open_basedir' Restriction Bypass Vulnerabilities

source: https://www.securityfocus.com/bid/31064/info PHP is prone to 'safemodeexecdir' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary code. These vulnerabilities would be an issue in shared-hosting configurations where multip...

PHP 5.2.6 - chdir() Function http URL Argument Safe_mode Restriction Bypass

PHP 5.2.6 - chdir Function http URL Argument Safemode Restriction Bypass source: https://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safemode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized...

PHP 5.2 - FOpen Safe_mode Restriction Bypass

PHP 5.2 - FOpen Safemode Restriction Bypass source: https://www.securityfocus.com/bid/22261/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations; other attacks may also be possible. This...

PHP 5.2 - Session.Save_Path() 'Safe_mode' / 'open_basedir' Restriction Bypass

source: https://www.securityfocus.com/bid/21508/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This vulnerability would be an issue in...