20 matches found
EUVD-2008-6106
Malware in sbrugna...
EUVD-2008-6105
Malware in sbrugna...
EUVD-2008-6104
Malware in sbrugna...
CVE-2008-6134
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2008-6136
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors...
Authentication flaw
EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions via unknown vectors...
Code injection
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors...
CVE-2008-6137
EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions via unknown vectors...
Sql injection
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-6135
Cross-site scripting XSS vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-6137
CVE-2008-6137 affects Drupal via the EveryBlog module (versions 5.x and 6.x). The vulnerability allows remote attackers to bypass access restrictions. The connected documents confirm the affected component but do not provide explicit root cause analysis, exploit details, affected configurations, ...
CVE-2008-6135
Cross-site scripting XSS vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-6135
CVE-2008-6135 is an XSS vulnerability in the EveryBlog module (Drupal) for versions 5.x and 6.x. The affected component is the EveryBlog module; the root cause is an input handling/output sanitization flaw that permits remote attackers to inject arbitrary web script or HTML. The provided document...
CVE-2008-6137
EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions via unknown vectors...
CVE-2008-6136
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors...
CVE-2008-6134
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2008-6134
CVE-2008-6134 describes an SQL injection vulnerability in the EveryBlog Drupal module (versions 5.x and 6.x). The flaw allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with a CVSS v2 base score of 7.5 (HIGH) and network attack vector, low attack complexity, no au...
CVE-2008-6136
Technical details about CVE-2008-6136 are not publicly provided in the supplied documents. Monitor for updates from official advisories; current sources describe an unspecified Drupal module vulnerability without concrete affected versions, vectors, or fixes.
SA-2008-061 - Everyblog - Multiple vulnerabilities
The module does not follow Drupal best practices for database queries and handling of user submitted data, leading to a number of vulnerabilities. Of special concern is that an unprivileged user may become logged in to the account of an existing user, including an administrator. Versions Affected...