EUVD-2017-0341

Malware in sbrugna...

Printer, email and PDF versions - Critical - Unsupported - SA-CONTRIB-2022-022

Update 2022-05-31. A past and new maintainers have created a fix and new releases which include fixes for the security issue that caused the module to be unsupported. The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by...

The vulnerability of the printDirect function in the node-printer module for the Node.js platform allows a hacker to execute arbitrary commands.

The vulnerability of the printDirect function in the node-printer module for the Node.js platform is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the “lpr” command...

CVE-2014-3741

The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command...

Cross site scripting

Cross-site scripting XSS vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATHINFO...

CVE-2012-2084

The CVE-2012-2084 case affects Drupal’s Printer, email and PDF versions module (6.x-1.x before 6.x-1.15; 7.x-1.x before 7.x-1.0). The root cause is insufficient escaping of URL elements when rendering content, allowing remote attackers to inject arbitrary scripts/HTML (XSS) via likely PATH_INFO v...

CVE-2012-2084

Cross-site scripting XSS vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATHINFO...

DRUPAL-SA-CONTRIB-2009-073 - Printer, e-mail and PDF versions multiple vulnerabilities

The Printer, e-mail and PDF versions "print" module provides printer-friendly versions of content. When displaying the list of links in a page, the module does not properly escape this data, leading to a cross site scripting XSS vulnerability. In addition, the "Send by e-mail" sub-module does not...

SA-CONTRIB-2009-052 - Printer, e-mail and PDF versions - Cross site scripting

The Printer, e-mail and PDF versions "Print" module provides printer-friendly versions of content. The module doesn't properly escape a number of user-supplied variables before output. A user who has the permission to add content could attempt a cross site scripting XSS attack which may in some...

SA-CONTRIB-2009-027 - Printer, e-mail and PDF versions - Cross-site scripting

When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte sequences that are valid in the UTF-...

SA-CONTRIB-2009-020 - Print - Cross site scripting

The Printer, e-mail and PDF versions "Print" module provides printer-friendly versions of content. The module does not correctly escape content titles, enabling malicious users to insert arbitrary HTML and scripts into certain pages. Such a cross site scripting XSS attack against sufficiently...

Design/Logic Flaw

Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API...