EUVD-2015-5451

Malware in sbrugna...

CVE-2015-5496

The pass2pdf module for Drupal does not restrict access to generated PDF files, which allows remote attackers to obtain user passwords via unspecified vectors...

CVE-2015-5496

CVE-2015-5496 affects the Drupal pass2pdf module. The vulnerability stems from PDFs generated during user registration not being access-restricted, allowing remote attackers to view password information via unspecified vectors (information disclosure). Affected: all versions of the pass2pdf modul...

CVE-2015-5496

The pass2pdf module for Drupal does not restrict access to generated PDF files, which allows remote attackers to obtain user passwords via unspecified vectors...

Drupal pass2pdf module information leakage vulnerability

Drupal is a free, open source content management system developed in PHP. pass2pdf is a module that sends website registration passwords to users in PDF file format. Drupal pass2pdf has a security vulnerability that allows remote attackers to exploit the vulnerability to submit special requests t...

pass2pdf - Critical - Information Disclosure - Unsupported - SA-CONTRIB-2015-109

This module allows you to let users set a password upon registering, and have the password emailed to the user in a PDF file. The module has an Information Disclosure vulnerability. The generated PDF files are not protected. The user passwords are exposed to anonymous users. CVE identifiers issue...