Project: File (Field) Paths
Security risk: *Critical* 15∕25
Vulnerability: Remote Code Execution
This module enables you to automatically sort and rename your uploaded files
using token based replacement patterns to maintain a nice clean filesystem.
The module doesn't sufficiently sanitize the path while a new file is
uploading, allowing a remote attacker to execute arbitrary PHP code.