EUVD-2015-3388

Malware in sbrugna...

Sokrates SOWA SowaSQL 跨站脚本漏洞

sokrates Sokrates SOWA SowaSQL is an administrative database applied to the library environment by the Polish company sokrates. A cross-site scripting vulnerability exists in Sokrates SOWA SowaSQL version 5.6.1 and earlier versions, which originates from the sowacgi.php typ parameter, OPAC is...

Drupal OPAC module cross-site request forgery vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.OPAC is one of the modules that supports the integration of catalogs from libraries into Drupal. A cross-site request forgery vulnerability exists in Drupal OPAC module versions prior t...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors...

CVE-2015-3343

The Drupal OPAC module (7.x-2.x) is vulnerable to a Cross-Site Request Forgery (CSRF) that allows remote attackers to hijack user authentication and remove mappings, because the module does not require confirmation when removing a mapping. Affected versions are OPAC 7.x-2.x prior to 7.x-2.3. The ...