146 matches found
MiracleLinux 3 : drupal-6.30-1.AXS3 (AXSA:2014-234:01)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-234:01 advisory. Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content ...
EUVD-2015-6598
Malware in sbrugna...
EUVD-2023-1267
Malicious code in bioql PyPI...
EUVD-2022-4500
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-25273
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow a...
WordPress plugin Contact Form to Any API 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2024-23289 · Unknown · Contact Form To Any Api
Name of the Vulnerable Software and Affected Versions: Contact Form to Any API versions 1.1.8 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by...
BIT-DRUPAL-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
BIT-DRUPAL-2022-25271
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
BIT-DRUPAL-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
MAL-2023-8457 Malicious code in fa-icdc-form-api-bdt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24842401e160323f0909c7f6e561fbaa5cbdb6f3b5e3c0dfe2a4dd0fe1877e5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fa-icdc-form-api-bdt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24842401e160323f0909c7f6e561fbaa5cbdb6f3b5e3c0dfe2a4dd0fe1877e5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2023-24427 · H3C · H3C Magic R300
Name of the Vulnerable Software and Affected Versions: H3C Magic R300 version R300-2100MV100R004 Description: A stack overflow issue was discovered via the SetAPWifiorLedInfoById interface at the "/goform/aspForm" API endpoint. Recommendations: For H3C Magic R300 version R300-2100MV100R004,...
PT-2023-24425 · H3C · H3C Magic R300
Name of the Vulnerable Software and Affected Versions: H3C Magic R300 version R300-2100MV100R004 Description: A stack overflow issue was discovered via the SetMobileAPInfoById interface at the "/goform/aspForm" API endpoint. Recommendations: For H3C Magic R300 version R300-2100MV100R004, consider...
Improper input validation in Drupal core
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
GHSA-G36H-4JR6-QMM9 Improper input validation in Drupal core
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
CVE-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
CVE-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
UBUNTU-CVE-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...
CVE-2022-25278
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...