167 matches found
Fedora 21 : drupal7-path_breadcrumbs-3.2-1.fc21 (2015-1882)
SA-CONTRIB-2015-037 - Access Bypass Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Drupal Path Breadcrumbs Module Access Bypass Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. An access bypass vulnerability exists in the Drupal Path Breadcrumbs module that could allow an attacker to bypass certain security restrictions and perform unauthorized...
SA-CONTRIB-2015-037 - Path Breadcrumbs - Access Bypass
This module enables you to configure breadcrumbs for any Drupal page. The module doesn't check node access on 403 Not Found pages. As a result, unpublished content data can be shown to unprivileged user. This vulnerability is mitigated by the fact that it is possible to configure proper access...
CVE-2014-2022
SQL injection vulnerability in includes/api/4/breadcrumbscreate.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request...
vBulletin 4.x - breadcrumbs via xmlrpc API (Authenticated) SQL Injection
vBulletin 4.x - breadcrumbs via xmlrpc API Authenticated SQL Injection CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API post-auth ============================================================================== Overview -------- date : 10/12/2014 cvss : 7.1...
SA-CONTRIB-2014-086 - Custom BreadCrumbs - Cross Site Scripting (XSS)
Custom Breadcrumbs allows administrators to set up parametrized breadcrumb trails for different content types, views, panels, taxonomy vocabularies and terms, paths, and a simple API that allows contributed modules to enable custom breadcrumbs for module pages and theme templates. User input is n...
CVE-2006-4376
Multiple cross-site scripting XSS vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the 1 profilnr and 2 sprache parameters in the main portion of the portal, the 3 suchstring...