23 matches found
Design/Logic Flaw
Cloudera Manager 5.5 and earlier allows remote attackers to enumerate user sessions via a request to /api/v11/users/sessions...
Multiple vulnerabilities in Drupal REST JSON module
Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.REST JSON is one of the interface modules used to expose Drupal content. The Drupal REST JSON module version 7.x-1.x has a 1. security bypass vulnerability 2. user enumeration...
REST JSON - Multiple Vulnerabilities - Highly Critical - Unsupported - SA-CONTRIB-2016-033
This module enables you to expose content, users and comments via a JSON API. The module contains multiple vulnerabilities including Node access bypass Comment access bypass User enumeration Field access bypass User registration bypass Blocked user login Session name guessing Session enumeration...