2 matches found
CVE-2010-1547
CVE-2010-1547 concerns CSRF vulnerabilities in the Drupal Chaos Tool Suite (CTools) module, version 6.x prior to 6.x-1.4. The issue allows remote attackers to hijack administrator sessions by issuing requests that enable or disable a page via specific q parameters (q=admin/build/pages/nojs/enable...
CVE-2010-1547
Multiple cross-site request forgery CSRF vulnerabilities in the Chaos Tool Suite aka CTools module 6.x before 6.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that 1 enable a page via a q=admin/build/pages/nojs/enable/ value or 2 disable a page...