4 matches found
CVE-2015-7880
The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to obtain sensitive event registration information by leveraging the "Register other accounts" permission and knowledge of usernames...
CVE-2015-7880
The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to obtain sensitive event registration information by leveraging the "Register other accounts" permission and knowledge of usernames...
CVE-2015-7880
Affected product: Drupal Entity Registration module (7.x-1.x) prior to 7.x-1.5. Vulnerability: information disclosure where remote attackers could obtain sensitive event registration data by abusing the "Register other accounts" permission and knowledge of usernames. Impact: unauthorized disclosu...
Entity Registration - Moderately Critical - Information Disclosure - SA-CONTRIB-2015-155
This module enables you to manage registrations for events. The module doesn't sufficiently protect information about who is registered to attend specific events when anonymous users are granted a permission that is commonly recommended when allowing anonymous registrations. This vulnerability is...