14 matches found
EUVD-2008-4512
Malware in sbrugna...
EUVD-2008-4511
Malware in sbrugna...
EUVD-2008-4319
Malware in sbrugna...
Brilliant Gallery - Highly critical - Multiple Vulnerabilities - SA-CONTRIB-2017-079
This module enables you to display any number of galleries based on images located in the files folder. The module doesn't sufficiently sanitize various database queries which may allow attackers to craft requests resulting in an SQL injection vulnerability. This vulnerability could be exploited...
CVE-2008-4530
Cross-site scripting XSS vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers...
CVE-2008-4531
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338...
Sql injection
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338...
CVE-2008-4531
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338...
CVE-2008-4531
CVE-2008-4531 covers a SQL injection in Brilliant Gallery 5.x (Drupal module) before 5.x-4.2, enabling an attacker to inject arbitrary SQL via unspecified vectors. The vulnerability relates to the broader issue described in CVE-2008-4338, which specifies the brilliant_gallery_checklist_save funct...
SA-2008-059 - Brilliant Gallery - SQL Injection and Cross Site Scripting
The Brilliant Gallery module allows users to publish photos in galleries. Two vulnerabilities were found in the module. SQL Injection Brilliant Gallery does not properly use the Drupal database API and inserts values from URLs directly into queries. This can be exploited to perform SQL Injection...
CVE-2008-4338
SQL injection vulnerability in the brilliantgallerychecklistsave function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliantgallery" permissions to execute arbitrary SQL commands via the 1 nid, 2 qid, 3...
CVE-2008-4338
SQL injection vulnerability in the brilliantgallerychecklistsave function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliantgallery" permissions to execute arbitrary SQL commands via the 1 nid, 2 qid, 3...
CVE-2008-4338
The CVE-2008-4338 issue is a SQL injection vulnerability in the Brilliant Gallery Drupal module (versions 5.x and 6.x). It affects the brilliant_gallery_checklist_save function in bgchecklist/save, allowing remote authenticated users with the access brilliant_gallery permission to inject arbitrar...
SA-2008-058 - Brilliant Gallery - SQL Injection
The module does not properly use Drupal's database API and inserts values supplied by users directly into queries. This can be exploited by malicious users with the "access brilliantgallery" permission to perform SQL Injection attacks. These attacks may lead to the malicious user gaining...