OSVDB: Open Sourced Vulnerability Database

Browse Database - By Creditee webernet

Researcher Name:

webernet

Researcher Company:

Researcher Country:

Canada

Vulnerabilities Types:

Other:

Displaying 1 vulnerability

<< Back to Browse

	OSVDB ID	Disclosure Date	Title
	41068 [CLOSE] OSVDB ID : 41068 - Disclosed: 2008-01-30 Description: (Description Provided by CVE) : The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.	2008-01-30	Comment Upload Module for Drupal Arbitrary File Upload

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.