CVE-2012-5653

NONECVSS 0.0

0.0

The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file name.

🔗 References (18)

secalert@redhathttp://drupal.org/SA-CORE-2012-004
secalert@redhathttp://drupalcode.org/project/drupal.git/commitdiff/b47f95d
secalert@redhathttp://drupalcode.org/project/drupal.git/commitdiff/da8023a
secalert@redhathttp://osvdb.org/88529
secalert@redhathttp://www.debian.org/security/2013/dsa-2776
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2013:074
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/12/20/1
secalert@redhathttp://www.securityfocus.com/bid/56993
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/80795
af854a3a-2127-422b-91ae-364da2661108http://drupal.org/SA-CORE-2012-004
af854a3a-2127-422b-91ae-364da2661108http://drupalcode.org/project/drupal.git/commitdiff/b47f95d
af854a3a-2127-422b-91ae-364da2661108http://drupalcode.org/project/drupal.git/commitdiff/da8023a
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/88529
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2776
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:074

Is Your Infrastructure Affected by CVE-2012-5653?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-5653

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-5653?