5 matches found
EUVD-2013-1961
Malware in sbrugna...
CVE-2013-1973
The autocomplete callback in Autocomplete Widgets for Text and Number Fields autocompletewidgets module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-rc1 does not properly handle node permissions, which allows remote authenticated users to obtain sensitive field values via unspecified vectors...
CVE-2013-1973
The autocomplete callback in Autocomplete Widgets for Text and Number Fields autocompletewidgets module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-rc1 does not properly handle node permissions, which allows remote authenticated users to obtain sensitive field values via unspecified vectors...
CVE-2013-1973
CVE-2013-1973 affects the Drupal contributed module Autocomplete Widgets for Text and Number Fields . The vulnerability lies in the autocomplete callback not properly enforcing node permissions, enabling remote authenticated users to obtain sensitive field values via unspecified vectors. Affected...
SA-CONTRIB-2013-045 - Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) - Access bypass
Autocomplete Widgets module adds autocomplete widgets for Text and Number fields. The autocomplete callback implemented by this module does not honor node permissions to access existing fields, allowing users to see field values even though they are not authorized to access that information. This...