341 matches found

Prion
added 2015/09/17 4:59 p.m. | 14 views

Design/Logic Flaw

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node...

3.5 CVSS | 6.8 AI score | 0.00914 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2015/09/17 4:0 p.m. | 21 views

CVE-2015-7230

The Workbench Email module 7.x-3.x before 7.x-3.4 for Drupal allows remote authenticated users with certain permissions to bypass node and field validation by saving a node...

6.3 AI score | 0.00914 EPSS
Exploits 0 | References 2

seebug.org
added 2014/07/01 12:0 a.m. | 13 views

Mambo Site Server 4.0.14 banners.php bid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...

7.1 AI score
Exploits 0

Prion
added 2012/11/22 12:28 p.m. | 7 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATH_INFO...

4.3 CVSS | 6.2 AI score | 0.02325 EPSS
Exploits 0 | References 9 | Affected Software 1

Cvelist
added 2012/11/22 11:0 a.m. | 15 views

CVE-2012-2084

Cross-site scripting (XSS) vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATH_INFO...

5.8 AI score | 0.02325 EPSS
Exploits 0 | References 9

CVE
added 2012/11/22 11:0 a.m. | 50 views

CVE-2012-2084

The CVE-2012-2084 case affects Drupal’s Printer, email and PDF versions module (6.x-1.x before 6.x-1.15; 7.x-1.x before 7.x-1.0). The root cause is insufficient escaping of URL elements when rendering content, allowing remote attackers to inject arbitrary scripts/HTML (XSS) via likely PATH_INFO v...

4.3 CVSS | 5.9 AI score | 0.02325 EPSS
Exploits 0 | References 9 | Affected Software 1

Tenable Nessus
added 2012/08/01 12:0 a.m. | 39 views

Scientific Linux Security Update : python on SL5.x i386/x86_64

It was found that many applications embedding the Python interpreter did not specify a valid full path to the script or application when calling the PySys_SetArgv API function, which could result in the addition of the current working directory to the module search path (sys.path). A local attacker...

7.5 CVSS | 6.5 AI score | 0.14643 EPSS
Exploits 2 | References 15

Tenable Nessus
added 2011/01/14 12:0 a.m. | 49 views

RHEL 5 : python (RHSA-2011:0027)

Updated python packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which...

7.5 CVSS | 7.5 AI score | 0.14643 EPSS
Exploits 7 | References 21

RedHat Linux
added 2011/01/13 10:55 a.m. | 45 views

Low: Red Hat Security Advisory: python security, bug fix, and enhancement update

Updated python packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which...

7.5 CVSS | 6.8 AI score | 0.14643 EPSS
Exploits 2 | References 11

Drupal
added 2009/10/14 12:0 a.m. | 15 views

DRUPAL-SA-CONTRIB-2009-073 - Printer, e-mail and PDF versions multiple vulnerabilities

The Printer, e-mail and PDF versions ("print") module provides printer-friendly versions of content. When displaying the list of links in a page, the module does not properly escape this data, leading to a cross site scripting (XSS) vulnerability. In addition, the "Send by e-mail" sub-module does not...

6 AI score
Exploits 0 | References 7

Cvelist
added 2009/06/22 2:0 p.m. | 31 views

CVE-2009-2146

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct...

7.3 AI score | 0.21465 EPSS
Exploits 2 | References 4

NVD
added 2009/03/23 8:0 p.m. | 15 views

CVE-2009-1047

Cross-site scripting (XSS) vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTML e-mail...

4.3 CVSS | 5.7 AI score | 0.00845 EPSS
Exploits 0 | References 2

NVD
added 2009/03/20 6:30 p.m. | 17 views

CVE-2009-1037

Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API...

5 CVSS | 6.6 AI score | 0.01186 EPSS
Exploits 0 | References 4

Cvelist
added 2009/03/20 6:0 p.m. | 18 views

CVE-2009-1037

Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API...

6.6 AI score | 0.01186 EPSS
Exploits 0 | References 4

seebug.org
added 2007/08/24 12:0 a.m. | 34 views

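Bugzilla Multiple Remote Security Vulnerabilities

BUGTRAQ ID: 25420 Bugzilla is a web-based bug tracking system used by many software projects. The Bugzilla implementation contains multiple remote security vulnerabilities that remote attackers may exploit to execute malicious commands on the server or cause information disclosure. When filing a bug, Bugzilla does not correctly escape the buildid field in the guided form, which may allow a user to carry out a cross-site scripting attack by submitting a malicious URL to enterbug.cgi that overrides the User-Agent string...

6.9 AI score
Exploits 0

Prion
added 2007/05/16 7:28 p.m. | 13 views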

Information disclosure

Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to obtain sensitive information via certain requests for (1) message.php and (2) messages.php in modules/email/. NOTE: some of these details are obtained from third party information...

4.3 CVSS | 6.8 AI score | 0.01114 EPSS
Exploits 0 | References 5 | Affected Software 1

RedHat Linux
added 2006/06/09 2:27 p.m. | 1 views

security flaw

The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary an...

5 CVSS | 5.9 AI score | 0.02636 EPSS
Exploits 0 | References 4

UbuntuCve
added 2006/03/31 11:6 a.m. | 25 views

CVE-2006-0052

The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary an...

5 CVSS | 6 AI score | 0.02636 EPSS
Exploits 0 | References 2

Prion
added 2006/03/31 11:6 a.m. | 11 views

Design/Logic Flaw

The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary an...

5 CVSS | 6.6 AI score | 0.02636 EPSS
Exploits 0 | References 16 | Affected Software 1

Debian CVE
added 2006/03/31 11:0 a.m. | 23 views

CVE-2006-0052

Removed by vendor...

5 CVSS | 6.7 AI score | 0.02636 EPSS
Exploits 0