CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
87.9%
Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x
before 5.10 and 6.x before 6.4 allows remote authenticated users to execute
arbitrary code by uploading a file with an executable extension, which is
not validated.