Lucene search
K

6 matches found

Drupal
Drupal
added 2008/01/10 12:0 a.m.489 views

SA-2008-006 - Drupal core - Cross site scripting (UTF8)

When outputting plaintext Drupal strips potentially dangerous HTML tags and attributes from HTML, and escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte sequences that are invalid in the...

6.5AI score
Exploits0References7
Drupal
Drupal
added 2007/10/17 12:0 a.m.16 views

SA-2007-029 - Drupal core - User deletion cross site request forgery

The Drupal Forms API protects against cross site request forgeries CSRF, where a malicous site can cause a user to unintentionally submit a form to a site where he is authenticated. The user deletion form does not follow the standard Forms API submission model and is therefore not protected again...

6.7AI score
Exploits0References3
securityvulns
securityvulns
added 2007/03/14 12:0 a.m.51 views

n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation

n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.006 14-Mar-2007 Vendor: Mayflower GmbH, http://www.mayflower.de Affected Products: PHProjekt 5.2.0 Vulnerability: Privilege escalation Risk: HIGH Vendor communication: 2006/12/31 initial notification of Mayflower 2007/01/02...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/14 12:0 a.m.55 views

n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery

n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.005 14-Mar-2007 Vendor: Mayflower GmbH, http://www.mayflower.de Affected Products: PHProjekt 5.2.0 Vulnerability: Cross Site Request Forgery Risk: HIGH Vendor communication: 2006/12/31 initial notification of Mayflower 2007/01/0...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/03/14 12:0 a.m.47 views

n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion

n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.004 14-Mar-2007 Vendor: Mayflower GmbH, http://www.mayflower.de Affected Products: PHProjekt 5.2.0 Vulnerability: Cross Site Scripting and Filter Evasion Risk: HIGH Vendor communication: 2006/12/31 initial notification of...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2007/03/14 12:0 a.m.52 views

n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection

n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.003 14-Mar-2007 Vendor: Mayflower GmbH, http://www.mayflower.de Affected Products: PHProjekt 5.2.0 Vulnerability: SQL Injection Risk: HIGH Vendor communication: 2006/12/31 initial notification of Mayflower 2007/01/02 Mayflower...

7.8AI score
Exploits0
Rows per page
Query Builder