15 matches found
EUVD-2014-5077
Malware in sbrugna...
EUVD-2024-51484
Malicious code in bioql PyPI...
CVE-2024-13270
Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue affects Freelinking: from 0.0.0 before 4.0.1...
CVE-2024-13270
Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue affects Freelinking: from 0.0.0 before 4.0.1...
CVE-2024-13270 Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034
Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue affects Freelinking: from 0.0.0 before 4.0.1...
CVE-2024-13270 Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034
Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue affects Freelinking: from 0.0.0 before 4.0.1...
CVE-2024-13270
The CVE-2024-13270 entry relates to the Drupal Freelinking module. Both NVD/NVD-derived and Drupal security advisory data indicate an Incorrect Authorization vulnerability in Freelinking prior to 4.0.1, which enables forceful browsing via insufficient access checks when rendering links. The issue...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Freelinking prior to version 4.0.1, which stems from the inclusion of an authorization error vulnerability...
Drupal Freelinking module < 4.0.1 - Authenticated Sensitive Data Exposure vulnerability
Authenticated Sensitive Data Exposure vulnerability discovered by Matthew Radcliffe in WordPress Module Freelinking versions 4.0.1...
Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034
This module enables you to configure a wiki-like input filter that allows users to create links to site and external content. The module doesn't sufficiently check if a user has access to some URLs before rendering them as links. This vulnerability is mitigated by the fact that an attacker must...
SA-CONTRIB-2014-109 - Freelinking - Cross Site Scripting (XSS)
The Freelinking module implements a filter framework for easier creation of HTML links to other pages on the site or to external sites. The module does not sanitize the node title when providing a link to the node, opening a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated ...
CVE-2014-5179
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for 1 nodes or 2 users, which allows remote attackers to obtain sensitive information via a crafted link...
Design/Logic Flaw
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for 1 nodes or 2 users, which allows remote attackers to obtain sensitive information via a crafted link...
CVE-2014-5179
The Drupal freelinking and Freelinking Case Tracker contributed modules contain an access control bypass flaw: the modules do not sufficiently check permissions when displaying links to nodes and users, enabling remote retrieval of sensitive information via crafted links. This affects all version...
CVE-2014-5179
The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for 1 nodes or 2 users, which allows remote attackers to obtain sensitive information via a crafted link...