36 matches found
EUVD-2009-3139
Malware in sbrugna...
EUVD-2014-5067
Malware in sbrugna...
EUVD-2020-22940
Malware in sbrugna...
EUVD-2012-1636
Malware in sbrugna...
CVE-2020-35262
Cross Site Scripting XSS vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter...
CVE-2020-35262
Cross Site Scripting XSS vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter...
CVE-2020-35262
Cross Site Scripting XSS vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter...
CVE-2020-35262
CVE-2020-35262 affects Digisol DG-HR3400 with a Cross Site Scripting (XSS) vulnerability exploitable via the NTP configuration server name in the Time and date module and the Keyword field in URL Filter. Public details and CVSS metrics in NVD indicate a network-exploitable flaw (CVSS v3.1 base sc...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: Out-Of-Bounds Read in timelibmeridian in the Date module php75055. Arcfour encryption stream filter crashes php-mcrypt php72535...
MGASA-2017-0412 Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: Out-Of-Bounds Read in timelibmeridian in the Date module php75055. Arcfour encryption stream filter crashes php-mcrypt php72535...
CVE-2014-5169
Cross-site scripting XSS vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title...
CVE-2014-5169
Cross-site scripting XSS vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title...
Cross site scripting
Cross-site scripting XSS vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title...
CVE-2014-5169
Cross-site scripting XSS vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title...
CVE-2014-5169
CVE-2014-5169 is a Cross‑Site Scripting (XSS) vulnerability in the Drupal Date module before 7.x-2.8. It allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title. Impact is partial integrity (I:P) with no confiden...
CVE-2012-1626
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-1626
CVE-2012-1626 affects the Drupal Date module (Date 6.x-2.x) prior to 6.x-2.8. The vulnerability is an SQL injection in the conversion form for Events, exploitable by remote authenticated users who have the "administer Date Tools" permission, via unspecified vectors. The root cause is an injection...
[SECURITY] Fedora 16 Update: drupal6-date-2.8-1.fc16
The Date API is available to be used by other modules and is not dependent on having CCK installed. The date module is a flexible date/time field type for the cck content module which requires the CCK content.module and the Date API module...
SA-CONTRIB-2012-004 - Date - SQL injection
CVE: CVE-2012-1626 This module enables you to add and administer date fields to nodes. It includes Date Tools, that allows users to convert nodes created with the Event module into Date fields. The conversion form for Events is vulnerable to SQL injection. This vulnerability is mitigated by the...