Lucene search
K

6 matches found

Prion
Prion
added 2012/10/31 4:55 p.m.10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a 1 user name or 2 email address...

4.3CVSS6AI score0.01161EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2012/09/20 10:55 a.m.17 views

CVE-2011-5188

Cross-site scripting XSS vulnerability in the Support Timer module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "track time spent" permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.3AI score0.00941EPSS
Exploits0References5
NVD
NVD
added 2012/09/19 9:55 p.m.10 views

CVE-2012-1640

Multiple cross-site scripting XSS vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbitrary web script or HTML via the title parameter when 1 adding or 2 updating a category...

2.1CVSS5.5AI score0.01041EPSS
Exploits0References6
NVD
NVD
added 2012/07/25 9:55 p.m.21 views

CVE-2012-2302

Site Documentation Sitedoc module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors...

5CVSS6.2AI score0.01663EPSS
Exploits1References6
Cvelist
Cvelist
added 2012/07/25 9:0 p.m.24 views

CVE-2012-2296

The Janrain Engage formerly RPX module for Drupal 6.x-1.x. 6.x-2.x before 6.x-2.2, and 7.x-2.x before 7.x-2.2 stores user profile data from Engage in session tables, which might allow remote attackers to obtain sensitive information by leveraging a separate vulnerability...

6.2AI score0.01563EPSS
Exploits0References7
Drupal
Drupal
added 2012/06/13 12:0 a.m.19 views

SA-CONTRIB-2012-100 - SimpleMeta - Cross Site Request Forgery (CSRF)

The Simple Meta module provides a method to set meta tags, such as page title, description and keywords for nodes, views and other pages. The module doesn't sufficiently confirm user intent when adding and deleting meta tag entries allowing a malicious user to trick a site admin into deleting...

6.8CVSS6.3AI score0.00993EPSS
Exploits0References10
Rows per page
Query Builder