14 matches found
EUVD-2015-4379
Malware in sbrugna...
EUVD-2012-1670
Malware in sbrugna...
EUVD-2009-4498
Malware in sbrugna...
EUVD-2006-3565
Malware in sbrugna...
CVE-2019-25012
The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal's security advisory policy...
DRUPAL-CONTRIB-2020-017
This module enables you to build forms and surveys in Drupal. The Webform Node sub-module allows these forms to be associated with a Drupal node. The Webform Node module does not implement access checking in the same manner as other nodes and entities. As such, writers of custom modules which...
DRUPAL-CONTRIB-2020-014
This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter user input under in the scenario when a webform is edited, namely the message related to character min/max counter does not undergo sufficient filtering and thus allows execution of JavaScript cod...
DRUPAL-CONTRIB-2020-013
The Webform module allows site builders to create forms. The module doesn't sufficiently prevent malicious code from being render via an options elements i.e select menu, checkboxes, radios, etc... under the scenario where the site builder allows the raw option value to be displayed. This...
Drupal Webform Module Access Bypass Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. An access bypass vulnerability exists in Drupal Webform Module, which can be exploited by an attacker to bypass certain security mechanisms and perform unauthorized...
Drupal Webform CiviCRM Integration模块跨站脚本漏洞
No description provided by source...
Fedora 22 : drupal7-webform-4.7-1.fc22 (2015-5022)
Update to 4.7 - Release notes can be found at https://www.drupal.org/node/2460229 - Security fix for drupal7-webform module - Upstream release notes: https://www.drupal.org/node/2457219 - Release notes can be found at https://www.drupal.org/node/2454063 Note that Tenable Network Security has...
Cross-site scripting vulnerability in Drupal Webform module
Drupal is a developmental CMF Content Management Framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Webform module. Because the program fails to properly filter user-supplied text, an attacker can exploit the vulnerability to execute arbitrary script...
Multiple Cross-Site Scripting Vulnerabilities in Drupal Webform Module
Drupal is a developmental CMF Content Management Framework written in the PHP language. Multiple cross-site scripting vulnerabilities exist in the Drupal Webform module. Because the application fails to properly filter user-supplied input, an attacker could exploit the vulnerabilities to execute...
CVE-2009-4207
Cross-site scripting XSS vulnerability in the Webform module 5.x before 5.x-2.7 and 6.x before 6.x-2.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a submission...