Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-7109 | 1 Drupal | 1 Imce Module | 2017-07-28 | 6.5 MEDIUM | N/A |
Unrestricted file upload vulnerability in IMCE before 1.6, a Drupal module, allows remote authenticated users to upload arbitrary PHP code via a filename with a double extension such as .php.gif. | |||||
CVE-2006-7110 | 1 Drupal | 1 Imce Module | 2017-07-28 | 5.5 MEDIUM | N/A |
Directory traversal vulnerability in the delete function in IMCE before 1.6, a Drupal module, allows remote authenticated users to delete arbitrary files via ".." sequences. |