10 matches found
Drupal Embedded Media Field Module Security Bypass Vulnerability
Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.Embedded Media Field is one of the modules used to embed third-party video and audio. A security bypass vulnerability in the Drupal Embedded Media Field module 6.x-2.7 before version...
Fedora 24 : drupal6-emfield-2.7-1.fc24 (2016-f0bb0dad51)
6.x-2.7 Fixes Embedded Media Field - Moderately Critical - Access Bypass - DRUPAL-SA-CONTRIB-2016-004 Changes since 6.x-2.6: by dalin: Ensure that width and height are always numbers. \1868588 by tangent: URL detection regex does not match hyphens / breaks HTML markup Note that Tenable Network...
Drupal Embedded Media Field Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Details of this disclosure can also be found at http://www.madirish.net/?article=474 Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in PHP and MySQL. The Drupal...
Drupal Embedded Media Field Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Details of this disclosure are also available at http://www.madirish.net/?article=472 Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in PHP and MySQL. The Drupal...
Drupal Module Embedded Media FieldMedia 6.x : Video FlotsamMedia: Audio Flotsam - Multiple Vulnerabilities
Drupal Module Embedded Media FieldMedia 6.x : Video FlotsamMedia: Audio Flotsam - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/45276/info The Embedded Media Field, Media: Video Flotsam, and Media: Audio Flotsam modules for Drupal are prone to multiple remote vulnerabilities,...
SA-CONTRIB-2010-109 - Embedded Media Field, Media: Video Flotsam, Media: Audio Flotsam - Multiple Vulnerabilities
1 - Arbitrary File Upload/Code Execution Vulnerability The Embedded Thumbnail module packaged with the project allows users who upload videos to upload their own thumbnails to replace The Drupal Embedded Media Field module. Unfortunately, the Embedded Thumbnail Module contains a vulnerability tha...
Drupal Module Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/45276/info The Embedded Media Field, Media: Video Flotsam, and Media: Audio Flotsam modules for Drupal are prone to multiple remote vulnerabilities, including: 1. An HTML-injection vulnerability 2. An arbitrary-file-upload vulnerability. An attacker could...
SA-CONTRIB-2010-094 - Embedded Media Field - Access bypass
The Embedded Media Field project is a set of modules that enable editors to post URL's and embed codes for third party media providers such as YouTube, Vimeo, or Flickr, which will be automatically parsed and displayed using preset formatters. The Embedded Video Field module packaged with the...
SA-CONTRIB-2010-095 - Lightbox2 - Multiple Vulnerabilities
The Lightbox2 module enables images to be overlaid on the current page using JavaScript. The module displays images above the page instead of within it, freeing the page design from layout constraints and keeping users on the same page. The module does not sanitize some of the user supplied data...
[Full-disclosure] Drupal Embedded Media Field Module Multiple XSS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Details of this disclosure are posted at http://lampsecurity.org/drupal-6-embed-media-xss-vulnerability Vendor notified: 5/27/09 Vendor response: see below Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a...