Lucene search
K

25 matches found

Cvelist
Cvelist
added 2012/09/19 9:0 p.m.20 views

CVE-2012-1638

SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use searchautocomplete" permission to execute arbitrary SQL commands via unspecified vectors...

7.9AI score0.01081EPSS
Exploits1References6
CVE
CVE
added 2012/09/19 9:0 p.m.50 views

CVE-2012-1638

The CVE-2012-1638 issue affects the Drupal Search Autocomplete module (7.x) before version 7.x-2.1. The vulnerability arises because the module does not properly use Drupal’s database API, allowing a remote authenticated user with the permission "use search_autocomplete" to execute arbitrary SQL ...

6CVSS8.1AI score0.01081EPSS
Exploits1References6Affected Software1
Drupal
Drupal
added 2012/07/11 12:0 a.m.16 views

SA-CONTRIB-2012-107 - Search autocomplete - Access bypass

This module allows you to add autocomplete functionality to virtually any fields of a Drupal site. The module doesn't sufficiently protect access to the module admin page. This vulnerability is mitigated by the fact that the user can only access the page, disable an autocompletion or change...

5CVSS6.4AI score0.01332EPSS
Exploits0References10
Drupal
Drupal
added 2012/01/25 12:0 a.m.17 views

SA-CONTRIB-2012-013 - Search Autocomplete - SQL Injection

CVE: CVE-2012-1638 The Search Autocomplete module allows you to add autocomplete functionality to the search fields of a Drupal site. Search Autocomplete does not properly use Drupal's database API, making it possible for a malicious user to carryout SQL injection on the site. This vulnerability ...

6CVSS7.2AI score0.01081EPSS
Exploits1References10
Patchstack
Patchstack
added 2011/09/01 12:0 a.m.12 views

WordPress Search Autocomplete Plugin <= 1.0.8 - SQL Injection

Search Autocomplete plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...

3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder