Avatar_uploader_project Avatar_uploader
3 CVEs affecting Avatar_uploader_project Avatar_uploader. Latest disclosed: 2026-05-10. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-50957 | Medium | 6.1 | 2026-05-10 | Drupal avatar_uploader 7.x-1.0-beta8 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts… |
CVE-2015-2087 | | 2015-02-26 | Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code… | |
CVE-2014-9155 | | 2014-12-01 | Directory traversal vulnerability in the Avatar Uploader module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta6 for Drupal allows remote authenticated… |