CVE-2018-25002

January 11, 2021

uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal’s security advisory policy.

Summary:

uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal’s security advisory policy.

Reference Links(if available):

  • https://www.drupal.org/project/kcfinder/issues/1768718
  • https://www.drupal.org/project/kcfinder/issues/1768720
  • https://www.drupal.org/sa-contrib-2018-024

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    image

    CVE Alert: CVE-2025-6081

    July 3, 2025
    image

    CVE Alert: CVE-2025-41648

    July 3, 2025
    image

    CVE Alert: CVE-2025-41656

    July 3, 2025
    image

    CVE Alert: CVE-2025-6934

    July 3, 2025
    image

    CVE Alert: CVE-2025-5072

    July 3, 2025