EUVD-2009-0814

Malware in sbrugna...

EUVD-2012-2710

Malware in sbrugna...

CVE-2012-2730

The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions...

CVE-2012-2730

CVE-2012-2730 affects the Drupal Protected Node module (6.x-1.x) prior to 6.x-1.6. The vulnerability allows remote attackers to bypass access restrictions by accessing nodes outside the standard node view due to insufficient protection of node access. Affected versions: Protected node 6.x-1.x bef...

CVE-2012-2730

The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions...

SA-CONTRIB-2012-101 - Protected Node - Access Bypass

The Protected Node module enables users to use a password to restrict access to an individual node or all nodes of a node type. The module doesn't sufficiently protect node access when nodes are accessed outside of the standard node view i.e. node/1 is protected but other lists are not. CVE:...

CVE-2009-0817

Cross-site scripting XSS vulnerability in the Protected Node module 5.x before 5.x-1.4 and 6.x before 6.x-1.5, a module for Drupal, allows remote authenticated users with "administer site configuration" permissions to inject arbitrary web script or HTML via the Password page info field, which is...

CVE-2009-0817

Cross-site scripting XSS vulnerability in the Protected Node module 5.x before 5.x-1.4 and 6.x before 6.x-1.5, a module for Drupal, allows remote authenticated users with "administer site configuration" permissions to inject arbitrary web script or HTML via the Password page info field, which is...

CVE-2009-0817

This CVE concerns the Drupal Protected Node module. Affected: Protected Node module versions 5.x before 5.x-1.4 and 6.x before 6.x-1.5. Root cause: improper handling in the protected_node_enterpassword function allows an authenticated user with the site-configuration permission to inject arbitrar...

PT-2009-3416 · Drupal · Protected Node

Name of the Vulnerable Software and Affected Versions: Protected Node module versions 5.x before 5.x-1.4 Protected Node module versions 6.x before 6.x-1.5 Description: The issue allows remote authenticated users with administer site configuration permissions to inject arbitrary web script or HTML...

Drupal Protected Node模块脚本注入漏洞

BUGTRAQ ID: 33936 Drupal的Protected Node模块可通过口令限制对节点的访问。 protectednode.module模块的protectednodeenterpassword函数没有正确地过滤用户提供输入，272到274行使用以下语句显示出用户提供的文本： $form'protectednode' = array 'value' = $info ;...

Drupal Protected Node Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Version Tested: 5.x-1.3 on Drupal 5.15 The Drupal Protected Node module http://drupal.org/project/protectednode is designed to restrict access to nodes using passwords. When nodes are created they can be protected by selecting 'protected node' and...