EUVD-2009-4014

Malware in sbrugna...

CVE-2015-6808

Cross-site scripting XSS vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title...

PT-2022-22589 · Joplin · Joplin

Name of the Vulnerable Software and Affected Versions: Joplin version 2.8.8 Description: The issue allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. Recommendations: For Joplin version 2.8.8, consider restricting the injection of crafted payloads...

Malicious code in node-title (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e48deb4e94109fe1c6aa6462bcd840fba34d7a47198045030885d6e0f85931a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4890 Malicious code in node-title (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e48deb4e94109fe1c6aa6462bcd840fba34d7a47198045030885d6e0f85931a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cross site scripting

Cross-site scripting XSS vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title...

CVE-2015-6753

Multiple cross-site scripting XSS vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an 1 entity title, related to in-place editing, or a 2 node title...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Tournament module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an 1 account username, a 2 node title, or a 3 team entity title...

CVE-2015-4357

Cross-site scripting XSS vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3.22, and 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title, which is used as the default title of a...

Drupal Node Invite Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Node Invite is one of the modules that is similar to RSVP sending invitations via email. A cross-site scripting vulnerability exists in the Drupal Node Invite module versions prior to...

CVE-2015-3392

Cross-site scripting XSS vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

Cross site scripting

Cross-site scripting XSS vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3392

Cross-site scripting XSS vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3386

Cross-site scripting XSS vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3376

Cross-site scripting XSS vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3362

Cross-site scripting XSS vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3361

Cross-site scripting XSS vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3344

Cross-site scripting XSS vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

Cross site scripting

Cross-site scripting XSS vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title...

Cross site scripting

Cross-site scripting XSS vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...