CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2009-4490

Malware in sbrugna...

4.3CVSS6.4AI score0.00404EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2012-2291

Malware in sbrugna...

4.3CVSS6.4AI score0.00672EPSS

Exploits1References10

NVD•added 2012/08/14 10:55 p.m.•13 views

CVE-2012-2298

Multiple cross-site scripting XSS vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 "user names in page titles" and 2 "autocomplete callbacks."...

4.3CVSS5.7AI score0.00672EPSS

Exploits1References9

CVE•added 2012/08/14 10:0 p.m.•39 views

CVE-2012-2298

The CVE-2012-2298 issue concerns vulnerabilities in the Drupal RealName module (6.x-1.x) prior to 6.x-1.5. The root cause is inadequate escaping of user-provided data, enabling remote attackers to inject arbitrary script/HTML via two vectors: (1) user names in page titles and (2) autocomplete cal...

4.3CVSS5.8AI score0.00672EPSS

Exploits1References9Affected Software2

Cvelist•added 2012/08/14 10:0 p.m.•18 views

CVE-2012-2298

5.7AI score0.00672EPSS

Exploits1References9

Drupal•added 2012/04/25 12:0 a.m.•20 views

SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)

CVE: CVE-2012-2298 This module allows you to set a pattern for constructing "Real names" for users out of profile fields. The module does not sufficiently escape users' real names under certain circumstances which could lead to a Cross-Site Scripting XSS attack. Versions affected RealName 6.x-1.x...

4.3CVSS5.5AI score0.00672EPSS

Exploits1References11

Prion•added 2009/12/31 7:30 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname aka real name element...

4.3CVSS6.1AI score0.00404EPSS

Exploits0References6Affected Software1

NVD•added 2009/12/31 7:30 p.m.•7 views

CVE-2009-4524

Cross-site scripting XSS vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname aka real name element...

4.3CVSS5.7AI score0.00404EPSS

Exploits0References6

Cvelist•added 2009/12/31 7:0 p.m.•14 views

CVE-2009-4524

Cross-site scripting XSS vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname aka real name element...

5.7AI score0.00404EPSS

Exploits0References6

CVE•added 2009/12/31 7:0 p.m.•37 views

CVE-2009-4524

CVE-2009-4524 affects the Drupal RealName module (6.x-1.x) prior to 6.x-1.3. It is a Cross-site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the realname element. The entry lists a MEDIUM impact with a base score of 4.3 (NVD), but exploitat...

4.3CVSS5.7AI score0.00404EPSS

Exploits0References6Affected Software1

Drupal•added 2009/10/14 12:0 a.m.•9 views

SA-CONTRIB-2009-072 - RealName - Cross Site Scripting

The RealName module allows the administrator to choose fields from the user profile that will be used to add a "real name" element method to a user object. In some specific cases, the module does not sanitize before outputting the realname, resulting in a cross-site scripting XSS vulnerability...

6AI score

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by