6 matches found
EUVD-2012-5435
Malware in sbrugna...
CVE-2021-25001
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjcreateproductsxmlresult parameter before outputting back in the admin dashboard when the Product XML Feeds module is enabled, leading to a Reflected Cross-Site Scripting issue...
CVE-2012-5543
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes via a crafted source feed...
Code injection
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes via a crafted source feed...
CVE-2012-5543
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes via a crafted source feed...
CVE-2012-5543
The CVE-2012-5543 issue affects the Drupal Feeds module (7.x-2.x) prior to 7.x-2.0-alpha6. The root cause is improper permission checks when a field is mapped to the node author, enabling remote attackers to create arbitrary nodes via a crafted source feed. Affected software is the Feeds module f...