Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Drupal Subscribe
Filtered by product Comment Upload Module
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0569 1 Drupal 1 Comment Upload Module 2011-03-07 6.4 MEDIUM N/A
The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.