6 matches found
Ubuntu 16.04 ESM : Drupal vulnerabilities (USN-4773-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4773-1 advisory. It was discovered that Drupal did not properly process certain input. An attacker could use this vulnerability to execute arbitrary code or completely...
Mageia: Security Advisory (MGASA-2015-0121)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-2749
Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
CVE-2015-2749
CVE-2015-2749 is an open redirect vulnerability in Drupal. The affected software is Drupal 6.x prior to 6.35 and Drupal 7.x prior to 7.35. The vulnerability enables remote attackers to redirect users to arbitrary websites and potentially facilitate phishing through a destination parameter. Exploi...
Drupal 6.x < 6.35 / 7.x < 7.35 Multiple Vulnerabilities
The remote web server is running a version of Drupal that is 6.x prior to 6.35 or 7.x prior to 7.35. It is, therefore, potentially affected by the following vulnerabilities : - An access bypass vulnerability exists in which password reset URLs can be forged. This allows a remote attacker to gain...
Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001
Access bypass Password reset URLs - Drupal 6 and 7 Password reset URLs can be forged under certain circumstances, allowing an attacker to gain access to another user's account without knowing the account's password. In Drupal 7, this vulnerability is mitigated by the fact that it can only be...