7 matches found
EUVD-2008-0830
Malware in sbrugna...
CVE-2015-3390
Cross-site scripting XSS vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-3390
CVE-2015-3390 corresponds to an XSS vulnerability in the Drupal module Facebook Album Fetcher . The issue arises from printing fields without proper sanitization, allowing remote authenticated users with the "access administration pages" permission to inject arbitrary script/HTML via unspecified ...
SA-CONTRIB-2015-038 - Facebook Album Fetcher - Cross Site Scripting (XSS) - Unsupported
Facebook Album Fetcher module allows you to fetch Facebook albums from a Facebook account. The module incorrectly prints fields without proper sanitization thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...
SA-CONTRIB-2014-093 - Twilio - Information Disclosure
This module enables you to easily add SMS and VOIP functionality to your website by leveraging the Twilio cloud Voip and SMS service. The module doesn't expose its own permissions for administration including viewing and editing the Twilio authentication tokens. It relies only on "access...
CVE-2013-4383
Cross-site scripting XSS vulnerability in the jQuery Countdown module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1658
Cross-site scripting XSS vulnerability in the Read More Link module 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users with the access administration pages permission to inject arbitrary web script or HTML via unspecified vectors...