Drupal Avatar Uploader Module Arbitrary File Upload Vulnerability

Bugtraq ID: 72674
Class: Input Validation Error
CVE: CVE-2015-2087
Remote: Yes
Local: No
Published: Feb 18 2015 12:00AM
Updated: Apr 13 2015 09:01PM
Credit: Liran Tal
Vulnerable: Drupal Avatar Uploader 6.X-1.2
Drupal Avatar Uploader 6.X-1.1
Drupal Avatar Uploader 6.X-1.0
Not Vulnerable: Drupal Avatar Uploader 6.X-1.3


 

Privacy Statement
Copyright 2010, SecurityFocus