5 matches found
EUVD-2011-1661
Malware in sbrugna...
CVE-2011-1661
The Node Quick Find module 6.x-1.1 for Drupal does not use dbrewritesql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature...
CVE-2011-1661
The CVE-2011-1661 entry affects the Drupal Node Quick Find module 6.x-1.1. The vulnerability arises because the module does not use db_rewrite_sql when presenting node titles, allowing an attacker to bypass access restrictions and read potentially sensitive node titles via the autocomplete featur...
CVE-2011-1661
The Node Quick Find module 6.x-1.1 for Drupal does not use dbrewritesql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature...
SA-CONTRIB-2011-016 - Node Quick Find - Information Disclosure
The Node Quick Find module provides a block to quickly access nodes by title via an auto-completing text field. The module does not use dbrewritesql when generating the list of node titles, allowing users to see the titles of nodes to which they may not have access. Access to the node itself is n...