EUVD-2026-15467

Cross-Site Request Forgery CSRF vulnerability in Drupal Theme Negotiation by Rules allows Cross Site Request Forgery.This issue affects Theme Negotiation by Rules: from 0.0.0 before 1.2.1...

Drupal Theme Negotiation by Rules 安全漏洞

Drupal Theme Negotiation by Rules is a content management system module developed by Drupal that dynamically selects website theme styles based on rules. Versions of Drupal Theme Negotiation by Rules prior to 1.2.1 contained security vulnerabilities, which were caused by susceptibility to...

EUVD-2020-23927

Malware in sbrugna...

EUVD-2013-1902

Malware in sbrugna...

EUVD-2023-45509

Malicious code in bioql PyPI...

CVE-2020-36399

A stored cross site scripting XSS vulnerability in phplist 3.5.4 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "rule1" parameter under the "Bounce Rules" module...

CVE-2013-1906

Cross-site scripting XSS vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible null pointer dereference in the ipv6:fib6rules module fib6ruleaction...

CVE-2023-40970

Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loanrules.php...

PT-2023-27726 · Senayan Library Management System · Slims

Name of the Vulnerable Software and Affected Versions: Senayan Library Management Systems SLIMS 9 Bulian version 9.6.1 Description: The issue concerns SQL Injection. It affects the admin/modules/circulation/loan rules.php endpoint. Recommendations: For version 9.6.1, consider restricting access t...

Business Logic Errors in pimcore/pimcore

Description The application is vulnerable to Business Logic error through negative cart amount. Proof of Concept Step 1: Login to the application https://10.x-dev.pimcore.fun/admin/login?perspective= Step 2: Navigate to Online shop - Pricing Rules - Voucher Discount - Actions Step 3: Enter Negati...

phplist cross-site scripting vulnerability (CNVD-2021-48520)

phpList is an open source newsletter and email marketing software from phpList UK. A stored cross-site scripting vulnerability exists in phplist 3.5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary Web script or HTML via the ""rule1"" parameter under the ""Bounce...

PT-2021-12041 · Phplist · Phplist

Name of the Vulnerable Software and Affected Versions: phplist versions 3.5.4 and below Description: A stored cross site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rule1 parameter under the "Bounce Rules" module. Recommendations: For...

CVE-2013-1906

Cross-site scripting XSS vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag...

CVE-2013-1906

The vulnerability CVE-2013-1906 affects the Drupal Rules module (7.x-2.x) prior to 7.x-2.3. It is a persistent XSS flaw caused by unsanitized rule tags displayed to users. Exploitation requires an attacker with the Drupal role/permission to administer rules and can inject arbitrary script/HTML vi...

CVE-2013-1906

Cross-site scripting XSS vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script or HTML via a rule tag...

[SECURITY] Fedora 17 Update: drupal7-rules-2.3-1.fc17

The rules modules allows site administrators to define conditionally execut ed actions based on occurring events known as reactive or ECA rules. It's a replacement with more features for the trigger module in core and the successor of the Drupal 5 workflow-ng module...

SA-CONTRIB-2013-037 - Rules - Cross Site Scripting (XSS)

The Rules module allows site administrators to define conditionally executed actions based on occurring events known as reactive or ECA rules. It's a replacement with more features for the trigger module in core. The module contains a persistent cross site scripting XSS vulnerability due to the...