24 matches found
CVE-2025-8675 AI SEO Link Advisor - Less critical - Server-side Request Forgery - SA-CONTRIB-2025-095
Server-Side Request Forgery (SSRF) vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery. This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6...
Group - Less critical - Access bypass - SA-CONTRIB-2023-054
The Group module has the ability to make content private to specific groups. When viewing a list of entities, e.g. nodes, a visitor should only see those entities that are either not attached to a group or that they have group access to. The module doesn't sufficiently enforce list access under t...
Dynamic Banner - Less critical - Cross site scripting - SA-CONTRIB-2018-011
This module enables a site to display different banners via blocks on different pages depending upon specific criteria. The module doesn't sufficiently filter output of banner data. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer...
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability
HTTPCS Advisory : HTTPCS127 Product : ClanSphere Version : 2011.4 Date : 2014-03-07 Criticality level : Less Critical Description : A vulnerability has been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'where'...
AShop 5.3.4 Cross Site Scripting
HTTPCS Advisory : HTTPCS104 Product : AShop Version : 5.3.4 Date : 2012-09-20 Criticality level : Less Critical Description : A vulnerability has been discovered in AShop, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'language' parameter...
InterPhoto Image Gallery 2.5.1 Cross Site Scripting
HTTPCS Advisory : HTTPCS67 Product : InterPhoto Image Gallery Version : 2.5.1 Date : 2012-08-07 Criticality level : Less Critical Description : A vulnerability has been discovered in InterPhoto Image Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks. Inpu...
phpList 2.10.18 Cross Site Scripting
HTTPCS Advisory : HTTPCS25 Product : phpList Version : 2.10.18 Date : 2012-07-09 Criticality level : Less Critical Description : A vulnerability has been discovered in phpList, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'footer'...
phpList 2.10.18 Cross Site Scripting
HTTPCS Advisory : HTTPCS1 Product : phpList Version : 2.10.18 Date : 2012-06-13 Criticality level : Less Critical Description : A vulnerability has been discovered in phpList, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'id' parameter t...
Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities
Secunia Research 09/04/2012 - RealNetworks Helix Server SNMP Master Agent - Two Denial of Service Vulnerabilities - Table of Contents Affected...
Fedora 16 : drupal7-7.6-1.fc16 (2011-10020)
Remember to log in as the admin user prior to RPM upgrade to perform DB upgrade. - Advisory ID: DRUPAL-SA-CORE-2011-003 - Project: Drupal core 1 - Version: 7.x - Date: 2011-July-27 - Security risk: Less critical 2 - Exploitable from: Remote - Vulnerability: Access bypass -------- DESCRIPTION Note...
Fedora 14 : drupal7-7.6-1.fc14 (2011-9893)
Remember to log in as the admin user prior to RPM upgrade to perform DB upgrade. - Advisory ID: DRUPAL-SA-CORE-2011-003 - Project: Drupal core 1 - Version: 7.x - Date: 2011-July-27 - Security risk: Less critical 2 - Exploitable from: Remote - Vulnerability: Access bypass -------- DESCRIPTION Note...
Secunia Research: UltraISO Image Name Parsing Format String Vulnerabilities
Secunia Research 01/04/2009 - UltraISO Image Name Parsing Format String Vulnerabilities - Table of Contents Affected...
WmsCMS <= 2.0 Multiple XSS Vulnerabilities
Application: WmsCMS Vendors Url: http://www.web-master.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WmsCMS is a web-based CMS system Google Dork: "Powered by WMS-CMS" Affected...
wmscms-xss.txt
Application: WmsCMS Vendors Url: http://www.web-master.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WmsCMS is a web-based CMS system Google Dork: "Powered by WMS-CMS" Affected...
[Full-disclosure] [DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue
Drupal security advisory DRUPAL-SA-2007-002 - Project: Drupal core. Date: 2007-Jan-05. Security risk: Less critical. Exploitable from: Remote...
[SA21578] phpCodeGenie "BEAUT_PATH" File Inclusion Vulnerability
TITLE: phpCodeGenie "BEAUT_PATH" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA21578 VERIFY ADVISORY: http://secunia.com/advisories/21578/ CRITICAL: Less critical IMPACT: System access WHERE: From remote SOFTWARE: phpCodeGenie 3.x http://secunia.com/product/4141/ DESCRIPTION: Kacper has...
[Full-disclosure] [DRUPAL-SA-2006-011] Drupal 4.7.3 / 4.6.9 fixes XSS issue
Drupal security advisory DRUPAL-SA-2006-011 - Advisory ID: DRUPAL-SA-2006-011 Project: Drupal core Date: 2006-Aug-02 Security risk: less critical...
[SA21161] Novell Client Firewall Privilege Escalation Vulnerability
jax.txt
Jax Guestbook Cross Site Scripting Vulnerability Risk: Less Critical Class: Remote Version: 3.50 - Example: http://target/path/guestbook.admin.php?action=list&guestbookid=0&language=german&gmtofs=0&page=code...
dir.txt
Directory Listing Script Cross Site Scripting Risk: Less critical Class: Remote Script: Directory Listing Script Version: not defined - Example: http://target/path/index.php?dir=code...