10 matches found
EUVD-2015-7158
Malware in sbrugna...
CVE-2015-7227
The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels...
Drupal Fieldable Panels Panes (FPP) Cross-Site Scripting Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in Drupal Fieldable Panels Panes FPP, which allows remote attackers to exploit the vulnerability to inject malicious script or...
Fieldable Panels Panes - Moderately Critical - XSS - SA-CONTRIB-2016-025
This module enables you to create fieldable entities that have special integration with Panels. The module doesn't sufficiently filter the entity title or admin title fields when they are displayed in either the Panels admin UI or the In-Place Editor IPE, allowing for specially crafted XSS attack...
Fieldable Panels Panes - Moderately Critical - Access Bypass - SA-CONTRIB-2016-014
This module enables you to create fieldable entities that have special integration with Panels. The module doesn't check access permissions on a file when it is attached to a field on a Fieldable Panels Panes entity that has been made private and where the file field is set to store files using t...
Drupal Fieldable Panels Panes module security bypass vulnerability
Drupal is a free and open source content management system developed in PHP. Drupal Fieldable Panels Panes fails to check the edit permissions of Fieldable Panels Panes entities, allowing remote attackers to edit panes with the permissions of the edit panel...
CVE-2015-7227
The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels...
Code injection
The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels...
CVE-2015-7227
The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels...
CVE-2015-7227
The CVE-2015-7227 entry affects the Drupal Fieldable Panels Panes module (7.x-1.x) prior to 7.x-1.7. The underlying issue is improper permission checks when editing Fieldable Panels Panes entities, allowing remote authenticated users with general edit permissions to modify panes. Impact is limite...