4 matches found
Drupal Elysia Cron Module Arbitrary PHP Code Execution Vulnerability
Drupal is a free, open source content management system developed in PHP language maintained by the Drupal community, and Elysia Cron is one of the cron job management modules. An arbitrary PHP code execution vulnerability exists in the Drupal Elysia Cron module. An attacker can exploit the...
Elysia Cron - Critical - Arbitrary PHP code execution - SA-CONTRIB-2016-062
This module enables you to manage cron jobs. The module allows users with the permission "Administer elysia cron" to execute arbitrary PHP code via cron. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Administer elysia cron". This permission is...
Drupal Elysia Cron Module Cross-Site Scripting Vulnerability
Drupal is the Drupal community maintained by a set of free, open source content management system developed in PHP language , Elysia Cron is one of the cron job management module . A cross-site scripting vulnerability exists in several versions of Elysia Cron, which can be exploited by attackers ...
Elysia Cron - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-052
This module enables you to manage cron jobs. The module doesn't sufficiently sanitize the cron rules which are entered into "Predefined rules" field thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...