11 matches found
EUVD-2012-2149
Malware in sbrugna...
EUVD-2012-2148
Malware in sbrugna...
CVE-2012-2154
Cross-site scripting XSS vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-2155
Cross-site request forgery CSRF vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2012-2155
CVE-2012-2155: CSRF vulnerability in the CDN2 Video module 6.x for Drupal. The issue allows remote attackers to hijack the authentication of unspecified victims via unknown vectors due to CSRF in the module’s Form API behavior. Affected software is the Drupal CDN2 Video contributed module (versio...
CVE-2012-2154
CVE-2012-2154 corresponds to a cross-site scripting (XSS) vulnerability in the CDN2 Video module 6.x for Drupal. The vulnerability arises from the module not sanitizing output, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. According to the DRUPAL-SA-CON...
CVE-2012-2154
Cross-site scripting XSS vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-2155
Cross-site request forgery CSRF vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
SA-CONTRIB-2012-050 - CDN2 Video - Unsupported
CDN2 is a plug and play module and video management service for Drupal. The module does not sanitize output correctly, allowing for a cross-site scripting XSS vulnerability. Additionally, the Form API is not correctly utilized allowing for cross-site request forgery CSRF attempts. This module...