Unrestricted file upload vulnerability in IMCE prior to 1.6, a Drupal module, allows remote authenticated users to upload arbitrary PHP code via a filename with a double extension such as .php.gif.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal imce module |