CVE-2012-5556

Multiple cross-site request forgery CSRF vulnerabilities in the RESTful Web Services RESTWS module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hijack the authentication of arbitrary users via unknown vectors...

PT-2020-7484 · Drupal · Drupal Restws Module

Name of the Vulnerable Software and Affected Versions: Drupal restws module versions 7.x-1.x before 7.x-1.4 Drupal restws module versions 7.x-2.x before 7.x-2.1 Description: The issue allows remote authenticated users with certain permissions, such as access resource node and create page content,...

Drupal 7. x RESTWS module command execution vulnerability

No description provided by source...

Drupal RESTWS Remote Code Execution Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A remote code execution vulnerability exists in the Drupal RESTWS module. An attacker can exploit the vulnerability by sending a specially crafted request that results in...

CVE-2013-1946

The CVE-2013-1946 entry affects Drupal’s RESTful Web Services (RESTWS) module for Drupal 7.x-1.x up to 7.x-1.3 and 7.x-2.x up to 7.x-2.0-alpha5. When page caching is enabled and anonymous users have RESTWS permissions, a GET request with an HTTP Accept header set to a non-HTML type can cause a de...