Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Drupal
Drupaladded 2013/10/30 12:0 a.m.21 views

SA-CONTRIB-2013-084 - FileField Sources - Access Bypass

This module expands on the FileField module by allowing you to select new or existing files through additional means, such as re-using files with an auto-complete textfield, attaching server-side files uploaded via FTP, transferring file files from a remote server, pasting a file directly from th...

4CVSS6.4AI score0.01094EPSS
Exploits0References10
Drupal
Drupaladded 2012/09/19 12:0 a.m.30 views

SA-CONTRIB-2012-147 - FileField Sources - Cross Site Scripting (XSS)

The Drupal FileField module lets you upload files from your computer through a CCK field. The FileField Sources module expands on this ability by allowing you to select new or existing files through additional means. The FileField Sources module contains a persistent cross site scripting XSS...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References9
Drupal
Drupaladded 2011/05/18 12:0 a.m.11 views

SA-CONTRIB-2011-021 - Webform - Multiple Vulnerabilities

Webform module enables you to create custom webform or survey nodes. These nodes typically may be created either by editorial teams or administrators. Webform does not sufficiently check directory access when a user configures an upload field. This may allow a user to upload malicious files to th...

6.2AI score
Exploits0References13
Drupal
Drupaladded 2011/01/10 12:0 a.m.7 views

SA-CONTRIB-2011-001 - Webform - SQL Injection

The contributed webform module provides a webform nodetype. Typical uses for webform are to create questionnaires, contact or request/register forms, surveys, polls or a front end to issues tracking systems. The module does not properly use the database API, leading to an SQL Injection...

8.3AI score
Exploits0References8
Drupal
Drupaladded 2010/08/11 12:0 a.m.12 views

SA-CONTRIB-2010-081 - FileField Sources - Arbitrary Code Execution

The FileField Sources module expands on the abilities of FileField, allowing users to select new or existing files through additional means, including: Reuse of existing files through an autocomplete textfield or IMCE, or transfering files directly from remote servers. The module does not sanitiz...

7.9AI score
Exploits0References6
Drupal
Drupaladded 2010/05/05 12:0 a.m.12 views

SA-CONTRIB-2010-041: ImageField - Access Bypass

ImageField provides a file upload field for CCK, allowing files to be attached to a node. ImageField intends to set a default extension of "png jpg gif" for all new fields, but may actually save an empty string allowing all of the "png jpg gif" extensions if an administrator does not save the fie...

7AI score
Exploits0References5
Rows per page
Query Builder