16 matches found
EUVD-2015-6691
Malware in sbrugna...
EUVD-2015-3436
Malware in sbrugna...
CVE-2015-6754
Cross-site scripting XSS vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6754
Cross-site scripting XSS vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6754
CVE-2015-6754 affects the Drupal Path Breadcrumbs module (7.x-3.x) prior to 7.x-3.3. The root cause is insufficient input filtering in the module’s administration interface, enabling remote authenticated users with the Administer Path Breadcrumbs permission to inject arbitrary web script or HTML....
CVE-2015-6754
Cross-site scripting XSS vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors...
Fedora 22 : drupal7-path_breadcrumbs-3.3-1.fc22 (2015-11858)
7.x-3.3 See SA-CONTRIB-2015-133 - New token %site:current-page:path-menu-trail:pb-join: is an alternative approach to build breadcrumbs based on path hierarchy. - Fixed 2473109: Destination parameter is present but doesn't work during editing breadcrumb - Other improvements and fixes. Note that...
Drupal Path Breadcrumbs Module Cross-Site Scripting Vulnerability
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Path Breadcrumbs is one of the website breadcrumb path modules. A cross-site scripting vulnerability exists in the Drupal Path Breadcrumbs module in versions 7.x-3.3 prior to 7.x-3.x. T...
Path Breadcrumbs - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-133
This module enables you to configure breadcrumbs for any Drupal page. The module didn't sufficiently filter user input values the in administration interface. This vulnerability was mitigated by the fact that an attacker must have a role with the permission "Administer Path Breadcrumbs". CVE...
CVE-2015-3391
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page...
Path traversal
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page...
CVE-2015-3391
CVE-2015-3391 affects the Drupal Path Breadcrumbs module prior to 7.x-3.2. The issue allows remote attackers to bypass access controls and read the 403 page to obtain sensitive node titles. The root cause is improper access restriction checks on 403 Not Found pages. Affected versions are Path Bre...
Fedora 21 : drupal7-path_breadcrumbs-3.2-1.fc21 (2015-1882)
SA-CONTRIB-2015-037 - Access Bypass Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Drupal Path Breadcrumbs Module Access Bypass Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. An access bypass vulnerability exists in the Drupal Path Breadcrumbs module that could allow an attacker to bypass certain security restrictions and perform unauthorized...
SA-CONTRIB-2015-037 - Path Breadcrumbs - Access Bypass
This module enables you to configure breadcrumbs for any Drupal page. The module doesn't check node access on 403 Not Found pages. As a result, unpublished content data can be shown to unprivileged user. This vulnerability is mitigated by the fact that it is possible to configure proper access...