High severity7.5NVD Advisory· Published Apr 4, 2018· Updated Jun 17, 2026
CVE-2018-9205
CVE-2018-9205
Description
Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =7.x-1.0-beta8
- Robbin Zhao/avatar_uploaderv5Range: unspecified
Patches
Vulnerability mechanics
References
4- www.vapidlabs.com/advisory.phpnvdExploitThird Party Advisory
- www.exploit-db.com/exploits/44501/nvdExploitThird Party AdvisoryVDB Entry
- www.drupal.org/project/avatar_uploadernvdRelease NotesVendor Advisory
- www.drupal.org/project/avatar_uploader/issues/2957966nvdVendor Advisory
News mentions
0No linked articles in our index yet.