CVE-2021-28674

The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node outside of the attacker's perimeter via an account with write permissions. This occurs because node IDs are predictable with incrementing numbers and the access control on...

CVE-2022-26346

A denial of service vulnerability exists in the uclouddelnode functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability...

CVE-2021-28674

The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node outside of the attacker's perimeter via an account with write permissions. This occurs because node IDs are predictable with incrementing numbers and the access control on...

Drupal Node Template Module Cross-Site Request Forgery Vulnerability

Drupal is a free and open source content management system developed in PHP.Node Template is a module that uses the structure and data of nodes as a template. A cross-site request forgery vulnerability exists in the Drupal Node Template module that allows a remote attacker to construct a maliciou...

CVE-2015-4397

Cross-site request forgery CSRF vulnerability in the Node Template module for Drupal allows remote attackers to hijack the authentication of users with the "access node template" permission for requests that delete node templates via unspecified vectors...

Drupal Alfresco Module Cross-Site Request Forgery Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Alfresco is one of the enterprise content management system modules that integrates Drupal and Alfresco. A cross-site request forgery vulnerability exists in Drupal Alfresco module...