Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.40 views

Ubuntu 16.04 ESM : Drupal vulnerabilities (USN-4773-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4773-1 advisory. It was discovered that Drupal did not properly process certain input. An attacker could use this vulnerability to execute arbitrary code or completely...

9.8CVSS7.9AI score0.99993EPSS
Exploits58References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.31 views

Mageia: Security Advisory (MGASA-2015-0121)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.01647EPSS
Exploits0References8
NVD
NVD
added 2017/09/13 4:29 p.m.15 views

CVE-2015-2750

Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence...

6.1CVSS6.3AI score0.01376EPSS
Exploits0References6
Cvelist
Cvelist
added 2017/09/13 4:0 p.m.26 views

CVE-2015-2750

Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence...

6.2AI score0.01376EPSS
Exploits0References6
CVE
CVE
added 2017/09/13 4:0 p.m.75 views

CVE-2015-2750

CVE-2015-2750 is an open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 that allows remote attackers to redirect users to arbitrary sites and facilitate phishing via the // sequence. The issue affects Drupal’s URL-related API functions; there is no exploitation detail in the...

6.1CVSS6.1AI score0.01376EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/09/13 4:0 p.m.25 views

CVE-2015-2750

Removed by vendor...

6.1CVSS6.2AI score0.01376EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.77 views

Drupal 6.x < 6.35 / 7.x < 7.35 Multiple Vulnerabilities

The remote web server is running a version of Drupal that is 6.x prior to 6.35 or 7.x prior to 7.35. It is, therefore, potentially affected by the following vulnerabilities : - An access bypass vulnerability exists in which password reset URLs can be forged. This allows a remote attacker to gain...

6.1CVSS6.3AI score0.01647EPSS
Exploits0References6
Drupal
Drupal
added 2015/03/18 12:0 a.m.644 views

Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001

Access bypass Password reset URLs - Drupal 6 and 7 Password reset URLs can be forged under certain circumstances, allowing an attacker to gain access to another user's account without knowing the account's password. In Drupal 7, this vulnerability is mitigated by the fact that it can only be...

6.1CVSS6.8AI score0.01647EPSS
Exploits0References22
Rows per page
Query Builder