Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.7 views

PT-2026-6344

The Login Disable module prevents users from logging in to your Drupal site unless they know the access key to add to the end of the login form page. default: If they provide the access key and have a specific role they can log in. The module does not check for the access key when using the HTTP...

5.4AI score
Exploits0References2
Patchstack
Patchstack
added 2025/10/23 10:37 p.m.8 views

WordPress Supervisor plugin <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Supervisor versions = 1.3.2...

4.3CVSS6.7AI score0.00184EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/07/30 4:30 p.m.5 views

DRUPAL-CONTRIB-2025-093

This module enables you to access an edit page for a config page. The module doesn't sufficiently check the access permissions hookENTITYTYPEaccess wasn't taken into account. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "edit ID config page" an...

7.6CVSS6.7AI score0.00253EPSS
Exploits0References1
Friends Of PHP
Friends Of PHP
added 2018/10/02 12:1 a.m.14 views

Action case insensitivity

Fix security breach = required role for action was not required for Action nor ACTION. Thanks to [email protected]...

1.7AI score
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/10/02 12:1 a.m.11 views

Action case insensitivity

Fix security breach = required role for action was not required for Action nor ACTION. Thanks to [email protected]...

7.2AI score
Exploits0Affected Software1
Rows per page
Query Builder