CVE-2013-1859

The Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the configuration options, which allows remote attackers to read and edit configuration options via unspecified vectors...

CVE-2013-1859

The vulnerability CVE-2013-1859 affects the Drupal contributed module Node Parameter Control (6.x-1.x). The module does not properly restrict access to its configuration options, enabling remote attackers to read and edit configuration via unspecified vectors. All 6.x-1.x versions are affected; D...

SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass

This module enables you to limit the visibility of the fields on the node edit form. The module doesn't sufficiently check access before allowing users to view and edit the configuration options allowing anonymous and authenticated users the ability to view and edit the configuration options. CVE...

UBUNTU-CVE-2011-5025

Multiple cross-site scripting XSS vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via 1 the tag parameter to editTag.yaws, 2 the index parameter to showOldPage.yaws, 3 the node parameter to allRefsToMe.yaws, or 4 the text paramete...

CVE-2005-1782

Multiple cross-site scripting XSS vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to 1 addreview.htm, 2 suggestreview.htm, 3 suggestcategory.htm, 4 addbooklist.htm, or 5 addurl.htm, the isbn parameter to 6 addreview.htm, ...