3 matches found
CVE-2010-0752
The weekpostpage function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors...
CVE-2010-0752
CVE-2010-0752 affects Drupal’s Weekly Archive by Node Type module (6.x) prior to 6.x-2.7. The flaw is in week_post_page, which does not properly enforce node access restrictions when constructing SQL queries, allowing remote attackers to read restricted node listings via unspecified vectors. Impa...
CVE-2010-0752
The weekpostpage function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors...