10 matches found
EUVD-2008-3086
Malware in sbrugna...
Drupal Outline Designer Cross-Site Scripting Vulnerability
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Outline Designer is one of the user experience modules for library management. A cross-site scripting vulnerability exists in Drupal Outline Designer versions 7.x-2.x prior to 7.x-2.3,...
Outline Designer - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-035
This module enables you to mass administer book outlines and perform common operations through one interface, improving the usability for the book module. The module doesn't sufficiently sanitize titles when presenting them on this interface. This vulnerability is mitigated by the fact that an...
SA-CONTRIB-2010-105 - Outline Designer - Cross Site Request Forgery
Outline Designer allows for easier creation and management of items in a Book. The Outline Designer modules does not properly protect some of its paths against Cross Site Request Forgeries CSRF, allowing an attacker to get a user with the permission to administer site configuration to change any...
CVE-2008-3096
The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authentication level to match that of the content author, which might allow remote attackers to gain privileges...
Authentication flaw
The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authentication level to match that of the content author, which might allow remote attackers to gain privileges...
CVE-2008-3096
The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authentication level to match that of the content author, which might allow remote attackers to gain privileges...
CVE-2008-3096
The CVE-2008-3096 issue affects the Drupal Outline Designer module (5.x before 5.x-1.4). The vulnerability arises because the module changes each content reader’s authentication level to match that of the content author, potentially allowing remote attackers to gain privileges. Documented affecte...
Drupal Outline Designer Module 'outline_designer.module'安全绕过漏洞
BUGTRAQ ID: 30066 CNCAN ID:CNCAN-2008070703 Drupal Outline Designer是一款提供书目中可视的内容结构。 Drupal Outline Designer存在设计错误,远程攻击者可以利用漏洞获得对限制用户的内容查看。 目前没有详细漏洞细节提供。 Drupal Outline designer 5.x-1.3 升级到最新版本: http://drupal.org/node/277851...
SA-2008-043 - Outline designer - Privilege escalation
The Outline designer module provides a visual way of structuring content in books. A programming error in the module causes the current user to become authenticated as the author of the viewed content item. Versions affected Outline designer for Drupal 5.x prior to 5.x-1.4. Drupal core is not...