9 matches found
EUVD-2012-2296
Malware in sbrugna...
Design/Logic Flaw
The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authenticated users with the "access content"...
CVE-2013-4498
The CVE-2013-4498 vulnerability affects the Drupal Spaces module (Spaces OG submodule, 6.x-3.x) prior to 6.x-3.7. Root cause: when moving content to a new group, Spaces OG fails to delete Organic Group group spaces content, leaving it orphaned. Impact: remote authenticated users with the "access ...
SA-CONTRIB-2013-081 - Spaces - Access bypass
This module enables you to make configuration options generally available only at the sitewide level to be configurable and overridden by individual "spaces" on a Drupal site. The spaces submodule, Spaces OG, doesn't properly handle deleting of organic group group spaces when the option to move t...
CVE-2012-2303
The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not enforce permissions on non-object pages, which allows remote attackers to obtain sensitive information and possibly have other impacts via unspecified vectors to the 1 Spaces or 2 Spaces OG module...
Information disclosure
The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not enforce permissions on non-object pages, which allows remote attackers to obtain sensitive information and possibly have other impacts via unspecified vectors to the 1 Spaces or 2 Spaces OG module...
CVE-2012-2303
The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not enforce permissions on non-object pages, which allows remote attackers to obtain sensitive information and possibly have other impacts via unspecified vectors to the 1 Spaces or 2 Spaces OG module...
CVE-2012-2303
The issue CVE-2012-2303 affects the Drupal Spaces module (Spaces and Spaces OG) for Drupal 6.x-3.x, with prior to 6.x-3.4 vulnerable. Root cause: permissions are not enforced on non-object pages, enabling remote disclosure of sensitive information via unspecified vectors to the Spaces modules. Im...
SA-CONTRIB-2011-012 - Spaces - Access bypass
The Spaces module makes sitewide configuration options available to be overridden by individual "spaces" on a Drupal site. Spaces provides a Views module access plugin that does not properly check its permission setting which may allow underprivileged users to visit certain pages. This...