Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
DrupalImce Module

2 matches found

CVE
CVEadded 2007/03/05 8:0 p.m.57 views

CVE-2006-7109

Summary: CVE-2006-7109 is an unrestricted file upload vulnerability in the IMCE Drupal module (before 1.6). The issue allows remote authenticated users to upload arbitrary PHP code by using a filename with a double extension such as .php.gif. Details from connected docs: The HackerOne report prov...

6.5CVSS6.7AI score0.01108EPSS
CVE
CVEadded 2007/03/05 8:0 p.m.43 views

CVE-2006-7110

The CVE-2006-7110 entry covers a directory traversal vulnerability in the IMCE Drupal module’s delete function. It allows remote authenticated users to delete arbitrary files by supplying ".." sequences. Affected component: IMCE module (Drupal) prior to version 1.6. Root cause: improper sanitizat...

5.5CVSS6.7AI score0.0135EPSS