Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.40 views

Ubuntu 16.04 ESM : Drupal vulnerabilities (USN-4773-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4773-1 advisory. It was discovered that Drupal did not properly process certain input. An attacker could use this vulnerability to execute arbitrary code or completely...

9.8CVSS7.9AI score0.99993EPSS
Exploits58References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2015-0121)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.01635EPSS
Exploits0References8
securityvulns
securityvulns
added 2015/05/11 12:0 a.m.79 views

[SECURITY] [DSA 3200-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3200-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...

3.5CVSS1.5AI score0.01635EPSS
Exploits0
NVD
NVD
added 2015/03/25 2:59 p.m.17 views

CVE-2015-2559

Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL...

3.5CVSS6.3AI score0.01635EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2015/03/25 2:0 p.m.22 views

CVE-2015-2559

Removed by vendor...

3.5CVSS6.2AI score0.01635EPSS
Exploits0
CVE
CVE
added 2015/03/25 2:0 p.m.157 views

CVE-2015-2559

CVE-2015-2559 affects Drupal 6.x before 6.35 and 7.x before 7.35, enabling a remote authenticated user to reset another user’s password by exploiting a crafted password‑reset URL and matching password hashes. Connected advisories confirm this as part of broader Drupal fixes and, in some records (...

3.5CVSS6AI score0.01635EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.77 views

Drupal 6.x < 6.35 / 7.x < 7.35 Multiple Vulnerabilities

The remote web server is running a version of Drupal that is 6.x prior to 6.35 or 7.x prior to 7.35. It is, therefore, potentially affected by the following vulnerabilities : - An access bypass vulnerability exists in which password reset URLs can be forged. This allows a remote attacker to gain...

6.1CVSS6.3AI score0.01635EPSS
Exploits0References6
Drupal
Drupal
added 2015/03/18 12:0 a.m.645 views

Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001

Access bypass Password reset URLs - Drupal 6 and 7 Password reset URLs can be forged under certain circumstances, allowing an attacker to gain access to another user's account without knowing the account's password. In Drupal 7, this vulnerability is mitigated by the fact that it can only be...

6.1CVSS6.8AI score0.01635EPSS
Exploits0References22
Rows per page
Query Builder