CVE-2008-3001

Currently unrated

Key Information:

Vendor: Drupal
Status: Aggregation Module
Vendor: CVE Published:; 3 July 2008

Summary

The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions.

References

http://drupal.org/node/269479

x_refsource_CONFIRM

http://www.securityfocus.com/bid/29677

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/43011

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jul 3, 2008
Vulnerability Reserved
Jul 3, 2008