Lucene search
K

101 matches found

Prion
Prion
added 2015/08/18 5:59 p.m.13 views

Design/Logic Flaw

The viewsfetchdata method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors...

5CVSS7.2AI score0.02607EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2015/08/18 5:0 p.m.23 views

CVE-2015-5509

The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors...

6.7AI score0.00911EPSS
Exploits0References4
CVE
CVE
added 2015/08/18 5:0 p.m.38 views

CVE-2015-5490

The CVE-2015-5490 vulnerability affects the Drupal Views module (7.x-3.x) specifically versions 7.x-3.5 through 7.x-3.10. The root cause is that _views_fetch_data in includes/cache.inc does not rebuild the full cache when the static cache is non-empty, allowing remote attackers to bypass configur...

5CVSS6.9AI score0.02607EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2015/08/18 5:0 p.m.23 views

CVE-2015-5490

The viewsfetchdata method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors...

6.7AI score0.02607EPSS
Exploits1References6
Fedora
Fedora
added 2015/06/21 12:21 a.m.31 views

[SECURITY] Fedora 22 Update: drupal7-views-3.11-1.fc22

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
Drupal
Drupal
added 2015/04/29 12:0 a.m.20 views

Views - Critical - Access Bypass - SA-CONTRIB-2015-103

The Views module provides a flexible method for Drupal site designers to control how lists and tables of content, users, taxonomy terms and other data are presented. Access bypass due cache inconsistency Due to an issue in the caching mechanism of Views it's possible that configured filters lose...

5CVSS6.3AI score0.02607EPSS
Exploits1References11
NVD
NVD
added 2015/04/21 6:59 p.m.17 views

CVE-2015-3379

The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

4CVSS5.8AI score0.01115EPSS
Exploits0References5
Prion
Prion
added 2015/04/21 6:59 p.m.18 views

Design/Logic Flaw

The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

4CVSS6.3AI score0.01115EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/04/21 6:0 p.m.20 views

CVE-2015-3378

Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to t...

6.2AI score0.0158EPSS
Exploits0References6
Cvelist
Cvelist
added 2015/04/21 6:0 p.m.19 views

CVE-2015-3379

The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticated users to obtain sensitive information via unspecified vectors...

5.8AI score0.01115EPSS
Exploits0References5
CVE
CVE
added 2015/04/21 6:0 p.m.49 views

CVE-2015-3378

CVE-2015-3378 describes an open redirect vulnerability in the Drupal Views module (versions 6.x prior to 6.x-2.18, 6.x-3.x prior to 6.x-3.2, and 7.x prior to 7.x-3.10) when the Views UI submodule is enabled. The underlying issue is an unsanitized URL handling path used to break the lock on edited...

4.9CVSS6.4AI score0.0158EPSS
Exploits0References6Affected Software1
Fedora
Fedora
added 2015/03/26 9:49 p.m.13 views

[SECURITY] Fedora 20 Update: drupal7-views-3.10-1.fc20

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
Fedora
Fedora
added 2015/03/26 9:34 p.m.11 views

[SECURITY] Fedora 21 Update: drupal7-views-3.10-1.fc21

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
Fedora
Fedora
added 2015/02/23 8:3 a.m.16 views

[SECURITY] Fedora 21 Update: drupal6-views-2.18-1.fc21

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
CNVD
CNVD
added 2015/02/13 12:0 a.m.3 views

Drupal Views Module Open Redirect Vulnerability

Drupal is written using the PHP language open source content management framework , which consists of a content management system and PHP development framework together . An open redirect vulnerability exists in the Drupal Views module that allows an attacker to trick users into redirecting to an...

4.9CVSS6.9AI score0.0158EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/13 12:0 a.m.3 views

Drupal Views module access bypass vulnerability (CNVD-2015-01153)

Drupal is written using the PHP language open source content management framework , which consists of a content management system and PHP development framework together . An access bypass vulnerability exists in the Drupal Views module, which can be exploited by an attacker to bypass certain...

4CVSS7AI score0.01115EPSS
Exploits0References1
Drupal
Drupal
added 2015/02/11 12:0 a.m.23 views

SA-CONTRIB-2015-039 - Views - Multiple vulnerabilities

The Views module provides a flexible method for Drupal site designers to control how lists and tables of content, users, taxonomy terms and other data are presented. Open redirect vulnerability The module does not sanitize user provided URLs when processing the page to break the lock on Views bei...

4.9CVSS6AI score0.0158EPSS
Exploits0References9
Drupal
Drupal
added 2014/08/20 12:0 a.m.28 views

SA-CONTRIB-2014-080 - Social Stats - Cross Site Scripting (XSS)

The Social Stats module enables you to collect statistics from various social networks and use that data with the Views module as field data, sort criteria, or filter criteria. The module does not sufficiently filter user-supplied text that is stored in the configuration, resulting in a persisten...

2.1CVSS5.9AI score0.00941EPSS
Exploits0References11
OSV
OSV
added 2013/09/27 10:8 a.m.2 views

DEBIAN-CVE-2013-5942

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...

6.8CVSS8.1AI score0.02106EPSS
Exploits0References1
Fedora
Fedora
added 2013/03/30 9:27 p.m.8 views

[SECURITY] Fedora 17 Update: drupal7-views-3.6-1.fc17

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
Rows per page
Query Builder