21 matches found
EUVD-2015-5455
Malware in sbrugna...
EUVD-2015-2211
Malware in sbrugna...
EUVD-2015-5454
Malware in sbrugna...
CVE-2015-2101
Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Drupal Navigate module cross-site scripting vulnerability (CNVD-2015-05492)
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Navigate is one of the customizable navigation modules that supports rapid deployment. A cross-site scripting vulnerability exists in the Drupal Navigate module. A remote attacker can...
CVE-2015-5500
Cross-site scripting XSS vulnerability in the Navigate module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Navigate module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5499
The Navigate module for Drupal does not properly check permissions, which allows remote authenticated users to modify custom widgets and create widget database records by leveraging the "navigate view" permission...
Code injection
The Navigate module for Drupal does not properly check permissions, which allows remote authenticated users to modify custom widgets and create widget database records by leveraging the "navigate view" permission...
CVE-2015-5499
The Navigate module for Drupal does not properly check permissions, which allows remote authenticated users to modify custom widgets and create widget database records by leveraging the "navigate view" permission...
CVE-2015-5499
The Drupal Navigate module has insufficient permission checks, allowing remote authenticated users to modify custom widgets and create widget records by exploiting the navigate view permission. CVSSv2 base score 4.0 (Medium). No remediation/version details are provided in the supplied documents.
CVE-2015-5500
Cross-site scripting XSS vulnerability in the Navigate module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5500
CVE-2015-5500 is an XSS vulnerability in Drupal’s Navigate module. Public records describe a cross-site scripting flaw that allows remote authenticated users with specific permissions to inject arbitrary script or HTML via unspecified vectors. The available documents identify the affected compone...
Drupal Navigate module cross-site scripting vulnerability
Drupal is a free, open-source content management system developed in the PHP language.Navigate is one of the customizable navigation modules that supports rapid deployment. A cross-site scripting vulnerability exists in the Drupal Navigate module, which allows remote attackers to exploit the...
Drupal Navigate Module Security Bypass Vulnerability
Drupal is a free, open-source content management system developed in the PHP language.Navigate is one of the customizable navigation modules that supports rapid deployment. A security bypass vulnerability exists in the Drupal Navigate module that allows remote attackers to submit special requests...
Drupal Web Links Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. web Links is one of the web link modules. A cross-site scripting vulnerability exists in the Drupal Navigate module, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, whi...
CVE-2015-2101
Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2101
Cross-site scripting XSS vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Drupal Navigate module cross-site scripting vulnerability
Drupal is an open source content management platform. A cross-site scripting vulnerability exists in the Drupal Navigate module, which allows remote attackers to exploit this vulnerability to construct malicious URIs that can be tricked into being parsed by the user, which can be used to obtain...