56 matches found
EUVD-2013-1803
Malware in sbrugna...
EUVD-2014-8577
Malware in sbrugna...
EUVD-2014-7828
Malware in sbrugna...
EUVD-2014-7827
Malware in sbrugna...
EUVD-2014-4231
Malware in sbrugna...
EUVD-2014-7926
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in the zenbreadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the...
CVE-2013-4275
The Drupal Zen theme vulnerability CVE-2013-4275 affects Zen 6.x-1.x; 7.x-3.x before 7.x-3.2; and 7.x-5.x before 7.x-5.4. The root cause is a missing escape in zen_breadcrumb (template.php) for the breadcrumb separator field, allowing remote authenticated users with the administer themes permissi...
Drupal MAYO theme cross-site scripting vulnerability
Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.MAYO theme is one of the modules that provides users with an easy way to define and create a theme of their choice. A cross-site scripting vulnerability exists in Drupal MAYO theme...
CVE-2015-8233
Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...
CVE-2015-8233
Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...
CVE-2015-8233
The MAYO Drupal theme (7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6) is affected by an XSS vulnerability. Root cause: insufficient sanitization in theme settings that remote administrators with the Administer themes permission can exploit to inject arbitrary script/HTML. Impact: potential fo...
CVE-2014-8746
Cross-site scripting XSS vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...
Cross site scripting
Cross-site scripting XSS vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...
CVE-2014-8746
The CVE-2014-8746 entry refers to a Cross-site scripting (XSS) vulnerability in the Skeleton theme for Drupal, affecting versions 7.x-1.2 through 7.x-1.3 prior to 7.x-1.4. The issue allows remote authenticated users who have the "administer themes" permission to inject arbitrary web script or HTM...
CVE-2014-8746
Cross-site scripting XSS vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...
CVE-2014-8077
Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...
CVE-2014-8076
Cross-site scripting XSS vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information...
Cross site scripting
Cross-site scripting XSS vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information...
Cross site scripting
Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...