Lucene search
MitreCVELIST:CVE-2015-6660HistoryAug 24, 2015 - 2:00 p.m.
CVE-2015-6660
2015-08-2414:00:00
mitre
raw.githubusercontent.com
1
The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user’s account via vectors related to “file upload value callbacks.”
Related
ubuntucve
ubuntucve
CVE-2015-6660
2015-08-24 00:00:00
prion
prion
Cross site request forgery (csrf)
2015-08-24 14:59:00
debiancve
debiancve
CVE-2015-6660
2015-08-24 14:59:00
cve
cve
CVE-2015-6660
2015-08-24 14:59:17
nessus
nessus
Drupal 6.x < 6.37 Multiple Vulnerabilities
2015-08-26 00:00:00
Drupal 6.x < 6.37 Multiple Vulnerabilities
2016-04-08 00:00:00
Fedora 23 : drupal7-7.39-1.fc23 (2015-13915)
2015-08-28 00:00:00
openvas
openvas
Drupal 6.x < 6.37, 7.x < 7.39 Multiple Vulnerabilities (SA-CORE-2015-003) - Windows
2015-08-28 00:00:00
Drupal 6.x < 6.37, 7.x < 7.39 Multiple Vulnerabilities (SA-CORE-2015-003) - Linux
2015-08-28 00:00:00
Debian: Security Advisory (DSA-3346-1)
2015-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: drupal6-6.37-1.fc23
2015-09-06 17:19:14
[SECURITY] Fedora 23 Update: drupal6-6.37-1.fc23
2015-09-06 01:49:44
[SECURITY] Fedora 21 Update: drupal7-7.39-1.fc21
2015-09-06 06:25:08
securityvulns
securityvulns
[SECURITY] [DSA 3346-1] drupal7 security update
2015-10-26 00:00:00
drupal
drupal
Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003
2015-08-19 00:00:00
mageia
mageia
Updated drupal packages fix security vulnerabilities
2015-08-27 23:49:46
debian
debian
[SECURITY] [DSA 3346-1] drupal7 security update
2015-08-31 10:37:16
osv
osv
drupal7 - security update
2015-08-31 00:00:00