25 matches found
EUVD-2018-19322
Malware in sbrugna...
EUVD-2025-25115
Malicious code in bioql PyPI...
CVE-2025-9107
A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/searchautocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly...
CVE-2025-9107
A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/searchautocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly...
CVE-2025-9107
A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/searchautocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly...
CVE-2025-9107 Portabilis i-Diario search_autocomplete cross site scripting
A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/searchautocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly...
CVE-2025-9107
Portabilis i-Diario
CVE-2025-9107 Portabilis i-Diario search_autocomplete cross site scripting
A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/searchautocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly...
PT-2025-33636 · Portabilis · I-Diario
Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions up to 1.5.0 Description: A vulnerability exists in Portabilis i-Diario up to version 1.5.0, impacting an unknown function within the /alunos/search autocomplete file. Manipulation of the q argument can lead to...
CVE-2012-1638
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use searchautocomplete" permission to execute arbitrary SQL commands via unspecified vectors...
CVE-2018-7603
In Drupal's 3rd party module search auto complete prior to versions 7.x-4.8 there is a Cross Site Scripting vulnerability. This Search Autocomplete module enables you to autocomplete textfield using data from your website nodes, comments, etc.. The module doesn't sufficiently filter user-entered...
CVE-2018-7603
In Drupal's 3rd party module search auto complete prior to versions 7.x-4.8 there is a Cross Site Scripting vulnerability. This Search Autocomplete module enables you to autocomplete textfield using data from your website nodes, comments, etc.. The module doesn't sufficiently filter user-entered...
CVE-2018-7603 Search Autocomplete
In Drupal's 3rd party module search auto complete prior to versions 7.x-4.8 there is a Cross Site Scripting vulnerability. This Search Autocomplete module enables you to autocomplete textfield using data from your website nodes, comments, etc.. The module doesn't sufficiently filter user-entered...
Design/Logic Flaw
The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors...
CVE-2012-4471
The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors...
CVE-2012-4471
The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors...
CVE-2012-4471
The vulnerability CVE-2012-4471 affects the Drupal Search Autocomplete module for Drupal 7.x-2.x before 7.x-2.4, where access control to the module’s admin page is insufficiently restricted. This allows remote attackers to disable autocompletion or alter priority order via unspecified vectors. Th...
Drupal Search Autocomplete模块数据库API SQL注入漏洞
BUGTRAQ ID: 51667 CVE ID: CVE-2012-1638 Search Autocomplete模块允许您添加自动完成功能到Drupal网站的搜索字段 Drupal Search Autocomplete 7.x-2.1之前版本存在安全漏洞,可允许已经通过身份验证的、且具有"use searchautocomplete"权限的远程用户执行任意SQL命令 0 Drupal Search Autocomplete Module 7.x 厂商补丁: Drupal ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载,并更新到7.x-2.1:...
CVE-2012-1638
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use searchautocomplete" permission to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use searchautocomplete" permission to execute arbitrary SQL commands via unspecified vectors...