Lucene search
K

117 matches found

Fedora
Fedora
added 2015/09/06 6:24 a.m.13 views

[SECURITY] Fedora 21 Update: drupal6-ctools-1.14-1.fc21

This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pages. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it includ...

0.5AI score
Exploits0
Fedora
Fedora
added 2015/09/06 1:49 a.m.24 views

[SECURITY] Fedora 23 Update: drupal6-ctools-1.14-1.fc23

This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pages. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it includ...

0.5AI score
Exploits0
CNVD
CNVD
added 2015/08/27 12:0 a.m.3 views

Drupal Ajax Handler and Ctools Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.Ajax handler is one of the modules used to handle Ajax requests.Ctools Chaos tool suite is one of the API modules used to improve the development experience. A cross-site scripting...

4.3CVSS7.1AI score0.02689EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/27 12:0 a.m.1 views

Drupal Ctools Module Security Bypass Vulnerability

Drupal is a free and open source content management system developed in PHP. ctools is one of the API modules used to improve the development experience. A cross-site scripting vulnerability exists in the Drupal Ctools module that could be exploited by remote attackers to bypass security...

6.3AI score
Exploits0References1
NVD
NVD
added 2015/08/24 2:59 p.m.21 views

CVE-2015-6665

Cross-site scripting XSS vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag...

4.3CVSS6.7AI score0.02689EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2015/08/24 2:59 p.m.23 views

CVE-2015-6665

Cross-site scripting XSS vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag...

4.3CVSS7.2AI score0.02689EPSS
Exploits0References4
Prion
Prion
added 2015/08/24 2:59 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag...

4.3CVSS6.1AI score0.02689EPSS
Exploits0References15Affected Software3
OSV
OSV
added 2015/08/24 2:59 p.m.2 views

UBUNTU-CVE-2015-6665

Cross-site scripting XSS vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag...

4.3CVSS5.9AI score0.02689EPSS
Exploits0References5
CVE
CVE
added 2015/08/24 2:0 p.m.74 views

CVE-2015-6665

CVE-2015-6665 affects Drupal 7.x up to version 7.39 and the Ctools module 6.x up to 6.x-1.14. The XSS flaw resides in the Ajax handler, allowing remote attackers to inject arbitrary scripts/HTML via a whitelisted HTML element (potentially the A tag). Remediation: upgrade to Drupal 7.39 and Ctools...

4.3CVSS5.5AI score0.02689EPSS
Exploits0References15Affected Software1
Cvelist
Cvelist
added 2015/08/24 2:0 p.m.27 views

CVE-2015-6665

Cross-site scripting XSS vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly related to the "a" tag...

6.7AI score0.02689EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2015/08/24 2:0 p.m.23 views

CVE-2015-6665

Removed by vendor...

4.3CVSS7.4AI score0.02689EPSS
Exploits0
CNVD
CNVD
added 2015/08/22 12:0 a.m.2 views

Drupal Ctools Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP. ctools is one of the API modules used to improve the development experience. A cross-site scripting vulnerability exists in the Drupal Ctools module, which allows remote attackers to exploit the vulnerability to inject...

6AI score
Exploits0References1
Drupal
Drupal
added 2015/08/19 12:0 a.m.33 views

Ctools - Critical - Multiple Vulnerabilities - SA-CONTRIB-2015-141

Cross Site Scripting XSS Ctools in Drupal 6 provides a number of APIs and extensions for Drupal, and is a dependency for many of the most popular modules, including Views, Panels and Entityreference. Many features introduced in Drupal Core once lived in ctools. This vulnerability can be mitigated...

7.5CVSS7.3AI score0.02689EPSS
Exploits0References18
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.15 views

Fedora Update for drupal7-ctools FEDORA-2015-4312

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
CVE
CVE
added 2015/06/16 5:0 p.m.49 views

CVE-2015-4398

CVE-2015-4398 is an open redirect vulnerability in the Chaos Tool Suite (ctools) Drupal module. Affected versions are CTools 6.x-1.x prior to 6.x-1.12 and 7.x-1.x prior to 7.x-1.7. The root cause is improper sanitization of URLs processed on confirmation delete pages, enabling remote attackers to...

5.8CVSS6.9AI score0.01331EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2015/06/15 2:59 p.m.15 views

Design/Logic Flaw

The Chaos tool suite ctools module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via 1 an autocomplete search on custom entities without an access query tag or 2 leveraging knowledge of the ID of an entity...

4.3CVSS7AI score0.01228EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/06/15 2:0 p.m.48 views

CVE-2015-4375

The CVE-2015-4375 vulnerability affects the Chaos tool suite (ctools) module for Drupal (7.x-1.x prior to 7.x-1.7 and 6.x-1.x prior to 6.x-1.12). It enables remote attackers to obtain sensitive node titles via two attack paths: (1) an autocomplete search on custom entities without an access query...

4.3CVSS6.8AI score0.01228EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.21 views

Fedora 22 : drupal7-ctools-1.7-1.fc22 (2015-4312)

Update to upstream 1.7 release for security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.15 views

Fedora 21 : drupal7-ctools-1.7-1.fc21 (2015-4284)

Update to upstream 1.7 release for security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.11 views

Fedora 20 : drupal7-ctools-1.7-1.fc20 (2015-4280)

Update to upstream 1.7 release for security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.4AI score
Exploits0References2
Rows per page
Query Builder