Lucene search
+L

124 matches found

NVD
NVD
added 2008/10/29 3:31 p.m.18 views

CVE-2008-4792

The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values...

6CVSS6.3AI score0.01282EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2008/10/08 12:0 a.m.31 views

drupal -- multiple vulnerabilities

The Drupal Project reports: A logic error in the core upload module validation allowed unprivileged users to attach files to content. Users can view files attached to content which they do not otherwise have access to. If the core upload module is not enabled, your site will not be affected. A...

7.5CVSS6.2AI score0.02207EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.18 views

XSS vulnerability in Dada Mail

According to its banner, the remote version of Dada Mail does not properly validate user written content before submitting that data to the archiving system. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

4.3CVSS6.8AI score0.01164EPSS
Exploits0References3
CVE
CVE
added 2005/04/19 4:0 a.m.50 views

CVE-2005-0391

Geneweb (versions 4.10 and earlier) is affected by insecure file operations during file conversion, where maintainer scripts do not properly validate file permissions and content, potentially permitting modification of arbitrary files. This CVE (CVE-2005-0391 / CAN-2005-0391) is discussed in Debi...

5CVSS6.4AI score0.0137EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder