Lucene search
K

4 matches found

Prion
Prion
added 2012/07/25 9:55 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Taxonomy Grid : Catalog module for Drupal 6.x-1.6 and earlier allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00946EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2012/07/25 9:0 p.m.41 views

CVE-2012-2308

CVE-2012-2308 describes a Cross-Site Scripting (XSS) vulnerability in the Drupal contributed module Taxonomy Grid: Catalog for Drupal 6.x-1.6 and earlier. The issue arises because user-supplied text is not properly filtered, allowing remote authenticated users with certain permissions to inject a...

3.5CVSS5.4AI score0.00946EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2010/09/08 12:0 a.m.16 views

SA-CONTRIB-2010-090 - Yr Weatherdata - SQL Injection

The Yr Weatherdata module displays weather forecasts, and enables users with the proper permission to set the sort method. When setting the sorting method the module does not filter the value input by the user correctly. This vulnerability can be exploited to perform an SQL Injection attack...

8.3AI score
Exploits0References7
CVE
CVE
added 2009/09/30 3:0 p.m.46 views

CVE-2009-3488

CVE-2009-3488 describes a cross-site scripting (XSS) vulnerability in Drupal’s Bibliography (Biblio) module, version 6.x-1.6, where remote authenticated users with content-creation privileges can inject arbitrary scripts or HTML via the Title field. The connected records corroborate a related XSS...

2.1CVSS5.4AI score0.00837EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder