EUVD-2015-5456

Malware in sbrugna...

EUVD-2012-2688

Malware in sbrugna...

Design/Logic Flaw

The Hostmaster Aegir module 6.x-2.x before 6.x-2.4 and 7.x-3.x before 7.x-3.0-beta2 for Drupal allows remote attackers to execute arbitrary PHP code via a crafted file in the directory used to write Apache vhost files for hosted sites in a multi-site environment...

CVE-2015-5501

The Hostmaster Aegir module 6.x-2.x before 6.x-2.4 and 7.x-3.x before 7.x-3.0-beta2 for Drupal allows remote attackers to execute arbitrary PHP code via a crafted file in the directory used to write Apache vhost files for hosted sites in a multi-site environment...

Drupal Hostmaster Module Remote Code Execution Vulnerability

Drupal is a free and open source content management system developed in PHP. A security vulnerability exists in the Drupal Hostmaster module that allows remote attackers to exploit the vulnerability to submit special requests and execute arbitrary code...

Cross site scripting

Cross-site scripting XSS vulnerability in the hostingtasklogtable function in modules/hosting/task/hostingtask.module in the Hostmaster Aegir module 6.x-1.x before 6.x-1.9 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a Drush log...

CVE-2012-2707

The Hostmaster Aegir module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access restrictions and edit unauthorized nodes...

CVE-2012-2707

CVE-2012-2707 affects the Hostmaster (Aegir) Drupal module (6.x-1.x) prior to 6.x-1.9. The issue is that the module does not properly exit when users lack access to package/task nodes, allowing remote attackers to bypass access restrictions and edit unauthorized nodes. This is a server-side acces...