EUVD-2006-4343

Malware in sbrugna...

EUVD-2006-4344

Malware in sbrugna...

CVE-2006-4355

Cross-site scripting XSS vulnerability in Drupal Easylinks Module easylinks.module 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2006-4356

SQL injection vulnerability in Drupal Easylinks Module easylinks.module 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2006-4355

Cross-site scripting XSS vulnerability in Drupal Easylinks Module easylinks.module 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2006-4356

The CVE-2006-4356 issue affects Drupal Easylinks Module (easylinks.module) for Drupal 4.7, with impact prior to version 1.5.2.1. The vulnerability is a SQL injection allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Remediation is to upgrade to version 1.5.2.1 o...

CVE-2006-4355

CVE-2006-4355 is a published XSS vulnerability in the Drupal Easylinks Module (easylinks.module) affecting 4.7 prior to 1.5.2.1. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The security rating from NVD shows low base score (2.6) with network a...

Easylinks multiple vulnerabilities

Unescaped input is used directly in queries, allowing malicious users to execute SQL injection attacks. This may result in administrator privileges. It is also possible for a malicious user to insert and execute XSS Cross Site Scripting, due to lack of validation on output. This may lead to...