6 matches found
EUVD-2015-3448
Malware in sbrugna...
CVE-2015-3404
The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing and creating the PDF certificates."...
Design/Logic Flaw
The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing and creating the PDF certificates."...
CVE-2015-3404
The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing and creating the PDF certificates."...
CVE-2015-3404
The vulnerability CVE-2015-3404 affects the Drupal Certify module (before 6.x-2.3). The module fails to perform proper node access checks when showing or creating PDF certificates, allowing remote authenticated users to bypass access restrictions and view sensitive PDF certificate information. Af...
SA-CONTRIB-2015-033 - Certify - Access bypass and information disclosure
Certify enables you to automatically issue PDF certificates to users upon completion of a set of conditions. The module does not sufficiently check node access when showing and creating the PDF certificates. This can lead to users seeing certificates they should not have access to. This...