8 matches found
EUVD-2015-1700
Malware in sbrugna...
CVE-2015-1568
Cross-site request forgery CSRF vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors...
CVE-2015-1567
Cross-site scripting XSS vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" permission to inject arbitrary web script or HTML via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-1568
The CVE-2015-1568 entry concerns the Drupal GD Infinite Scroll contributed module, affected versions prior to 7.x-1.4. It describes a Cross-Site Request Forgery (CSRF) vulnerability that allows remote attackers to hijack the authentication of users who have the permission to edit GD Infinite Scro...
CVE-2015-1568
Cross-site request forgery CSRF vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors...
CVE-2015-1567
Cross-site scripting XSS vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" permission to inject arbitrary web script or HTML via unspecified vectors...