Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2008-0830

Malware in sbrugna...

10CVSS6.4AI score0.02151EPSS
Exploits0References6
Cvelist
Cvelist
added 2015/04/21 6:0 p.m.25 views

CVE-2015-3390

Cross-site scripting XSS vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...

5.2AI score0.00965EPSS
Exploits0References4
CVE
CVE
added 2015/04/21 6:0 p.m.50 views

CVE-2015-3390

CVE-2015-3390 corresponds to an XSS vulnerability in the Drupal module Facebook Album Fetcher . The issue arises from printing fields without proper sanitization, allowing remote authenticated users with the "access administration pages" permission to inject arbitrary script/HTML via unspecified ...

3.5CVSS5.4AI score0.00965EPSS
Exploits0References4Affected Software1
Drupal
Drupal
added 2015/02/04 12:0 a.m.21 views

SA-CONTRIB-2015-038 - Facebook Album Fetcher - Cross Site Scripting (XSS) - Unsupported

Facebook Album Fetcher module allows you to fetch Facebook albums from a Facebook account. The module incorrectly prints fields without proper sanitization thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

3.5CVSS6AI score0.00965EPSS
Exploits0References9
Drupal
Drupal
added 2014/09/24 12:0 a.m.20 views

SA-CONTRIB-2014-093 - Twilio - Information Disclosure

This module enables you to easily add SMS and VOIP functionality to your website by leveraging the Twilio cloud Voip and SMS service. The module doesn't expose its own permissions for administration including viewing and editing the Twilio authentication tokens. It relies only on "access...

5.5CVSS6.6AI score0.00966EPSS
Exploits0References9
NVD
NVD
added 2014/01/31 3:7 p.m.17 views

CVE-2013-4383

Cross-site scripting XSS vulnerability in the jQuery Countdown module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.3AI score0.00931EPSS
Exploits0References3
Cvelist
Cvelist
added 2012/09/18 8:0 p.m.25 views

CVE-2012-1658

Cross-site scripting XSS vulnerability in the Read More Link module 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users with the access administration pages permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.01064EPSS
Exploits0References7
Rows per page
Query Builder