2 matches found
CVE-2009-4515
The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminvoiceitem nodes, which allows remote attackers to read node titles via unspecified vectors...
CVE-2009-4515
The Storm module for Drupal (6.x before 6.x-1.25) does not enforce privilege requirements for storminvoiceitem nodes, allowing remote attackers to read node titles via unspecified vectors. This affects confidentiality (partial). No exploit details are provided in the documents. Remediation: upgra...