19 matches found
EUVD-2015-5464
Malware in sbrugna...
Administration Views - Moderately critical - Access bypass - SA-CONTRIB-2019-076
This module replaces administrative overview/listing pages with actual views for superior usability. The module doesn't sufficiently check user access when using the "Menu system path" access handler on a Views displays other than "System". Update: This project had been unsupported due to this...
CVE-2018-18862
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+Vie...
Drupal Administration Views Module Access Privilege Bypass Vulnerability
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Administration Views is one of the modules used to replace the administration overview or list pages. An access rights bypass vulnerability exists in the Drupal Administration Views...
Administration Views - Critical - Access bypass - SA-CONTRIB-2016-041
Administration Views module replaces overview/listing pages with actual views for superior usability. The module does not check access properly under certain circumstances. Anonymous users could get access to read information they should not have access to. CVE identifiers issued ACVE identifier...
Drupal Administration Views Module Information Disclosure Vulnerability
Drupal is a free, open source content management system developed in PHP.Administration Views module for Drupal is a module for Drupal that replaces the administration overview or listings pages. A security vulnerability in versions 7.x-1.x prior to 7.x-1.x of the Drupal Administration Views modu...
CVE-2015-7226
The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler...
Information disclosure
The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler...
CVE-2015-7226
CVE-2015-7226 affects the Drupal contributed module Administration Views (7.x) , specifically versions in the 7.x-1.x branch prior to 7.x-1.5. The root cause is that access checks are performed based on the router path extracted from the view rather than the view’s display property, enabling info...
CVE-2015-7226
The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler...
CVE-2015-5509
The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors...
Authentication flaw
The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors...
CVE-2015-5509
CVE-2015-5509 affects the Drupal contributed module Administration Views (7.x-1.x) prior to 7.x-1.4. When used in combination with other unspecified modules, it can bypass access restrictions to administration pages, allowing remote administrators to view/modify restricted areas. The issue is tie...
CVE-2015-5509
The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified modules, does not properly grant access to administration pages, which allows remote administrators to bypass intended restrictions via unspecified vectors...
Drupal Administration Views Module Information Disclosure Vulnerability
Drupal is a free, open source content management system developed in PHP.Administration Views is a module for replacing administration overview or list pages. A security vulnerability exists in the Drupal Administration Views module that allows remote attackers to submit special requests to obtai...
Administration Views - Critical - Information Disclosure - SA-CONTRIB-2015-132
Administration Views module replaces overview/listing pages with actual views for superior usability. The module does not check access properly under certain circumstances. Anonymous users could get access to read information they should not have access to. CVE identifiers issued CVE-2015-7226...
Views Bulk Operations - Moderately critical - Access Bypass - SA-CONTRIB-2015-131
The Views Bulk Operations module enables you to add bulk operations to administration views, executing actions on multiple selected rows. The module doesn't sufficiently guard user entities against unauthorized modification. If a user has access to a user account listing view with VBO enabled suc...
Drupal Administration Views Module Access Bypass Vulnerability
Drupal is a free and open source content management system developed in PHP. An access bypass vulnerability exists in the Drupal Administration Views module, which allows an attacker to obtain sensitive information...
Administration Views - Moderately Critical - Access Bypass - SA-CONTRIB-2015-122
This module replaces administrative overview/listing pages with Views for improved usability. When combined with other contributed or custom modules, the Administration Views module improperly grants users access to administration pages including the permissions page. This vulnerability is...