8 matches found
EUVD-2012-1659
Malware in sbrugna...
EUVD-2012-1658
Malware in sbrugna...
CVE-2012-1648
Cross-site scripting XSS vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows remote authenticated users with the administer coolaid permission to inject arbitrary web script or HTML via unspecified vectors...
Code injection
Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows remote authenticated users with the administer coolaid permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1649
Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecified vectors...
CVE-2012-1649
CVE-2012-1649 affects the Drupal Cool Aid module prior to 6.x-1.9. The vulnerability is an access-control bypass that allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecified vectors. The root cause is insufficient access restriction enfor...
CVE-2012-1648
The CVE-2012-1648 issue affects the Drupal Cool aid module (6.x-1.x) prior to 6.x-1.9. The root cause is improper user input sanitization combined with insufficient access checks, allowing remote authenticated users with the administer coolaid permission to inject arbitrary script/HTML via unspec...