Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2015-7236

Malware in sbrugna...

4.3CVSS6.4AI score0.00263EPSS
Exploits0References3
NVD
NVDadded 2015/09/21 7:59 p.m.8 views

CVE-2015-7306

The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not properly check access permissions, which allows remote authenticated users to access and change settings by leveraging the "access administration pages" permission...

4.9CVSS6.3AI score0.00255EPSS
Exploits0References2
Prion
Prionadded 2015/09/21 7:59 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the configuration page...

4.3CVSS6.1AI score0.00263EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2015/09/21 7:59 p.m.9 views

Code injection

The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not properly check access permissions, which allows remote authenticated users to access and change settings by leveraging the "access administration pages" permission...

4.9CVSS6.8AI score0.00255EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2015/09/21 7:0 p.m.13 views

CVE-2015-7306

The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not properly check access permissions, which allows remote authenticated users to access and change settings by leveraging the "access administration pages" permission...

6.3AI score0.00255EPSS
Exploits0References2
CVE
CVEadded 2015/09/21 7:0 p.m.44 views

CVE-2015-7307

The CVE-2015-7307 entry describes a cross-site scripting (XSS) vulnerability in the Drupal CMS Updater module (7.x-1.x) prior to version 7.x-1.3. The issue arises on the module’s configuration page where user-supplied text is not properly sanitized, enabling remote attackers to inject arbitrary w...

4.3CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2015/09/21 7:0 p.m.13 views

CVE-2015-7307

Cross-site scripting XSS vulnerability in the CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the configuration page...

5.7AI score0.00263EPSS
Exploits0References2
CVE
CVEadded 2015/09/21 7:0 p.m.45 views

CVE-2015-7306

Summary: CVE-2015-7306 affects the Drupal CMS Updater module (7.x-1.x) prior to 7.x-1.3. The vulnerability is a permission check bypass on the settings access page, enabling remote authenticated users to view and modify settings by abusing the "access administration pages" permission. Affected so...

4.9CVSS6.5AI score0.00255EPSS
Exploits0References2Affected Software1
Drupal
Drupaladded 2015/09/16 12:0 a.m.15 views

CMS Updater - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2015-150

CMS Updater allows to update Drupal core automatically with a subscription service. Access bypass The module does not sufficiently protect the settings page allowing any user with the permission "access administration pages" to change settings. This vulnerability is mitigated by the fact that an...

4.9CVSS5.4AI score0.00263EPSS
Exploits0References10
Rows per page
Query Builder