Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Ilya Ivanchenko Subscribe
Filtered by product Itweak Upload
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-0697 2 Drupal, Ilya Ivanchenko 2 Drupal, Itweak Upload 2017-08-16 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an uploaded file.