21 matches found
EUVD-2012-5156
Malware in sbrugna...
EUVD-2015-7777
Malware in sbrugna...
EUVD-2012-1646
Malware in sbrugna...
CVE-2012-1636
Cross-site request forgery CSRF vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors...
CVE-2012-5233
Cross-site scripting XSS vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs...
CVE-2015-7879
Cross-site scripting XSS vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page...
Cross site scripting
Cross-site scripting XSS vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page...
CVE-2015-7879
Cross-site scripting XSS vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page...
CVE-2015-7879
The CVE-2015-7879 issue affects the Drupal Stickynote module for 7.x, before 7.x-1.3. Root cause: insufficient sanitization of note text on the admin listing page, allowing remote authenticated users with create/edit permission to inject arbitrary script or HTML (XSS). Affected versions: Stickyno...
Drupal Stickynote模块跨站脚本漏洞(CNVD-2015-07318)
No description provided by source...
Drupal Stickynote module cross-site scripting vulnerability (CNVD-2015-07318)
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Stickynote is one of the modules that annotates pages based on paths. A cross-site scripting vulnerability exists in the Drupal Stickynote module in versions 7.x-1.3 prior to 7.x-1.x. A...
Stickynote - Cross Site Scripting (XSS) - Moderately Critical - SA-CONTRIB-2015-154
This module enables you to create notes on a page inside a block. The module doesn't sufficiently sanitize the note text on the admin listing page. This vulnerability is mitigated by the fact that an attacker must have a role with a permission to create or edit a stickynote. CVE identifiers issue...
CVE-2012-5233
Cross-site scripting XSS vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs...
CVE-2012-1636
Cross-site request forgery CSRF vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors...
CVE-2012-5233
Cross-site scripting XSS vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs...
CVE-2012-1636
Cross-site request forgery CSRF vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors...
CVE-2012-1636
The CVE-2012-1636 entry concerns the Drupal stickynote module (7.x-1.x) with a CSRF vulnerability that allows remote attackers to hijack user authentication for requests that delete stickynotes. Affected versions are prior to 7.x-1.1. The issue’s exploitation is described as CSRF without explicit...
CVE-2012-5233
CVE-2012-5233 affects the Drupal Stickynote module (versions before 7.x-1.1). The vulnerability is a Cross-site Scripting (XSS) flaw that allows remote authenticated users with edit_stickynotes privileges to inject arbitrary script or HTML through unspecified vectors. Impact is web page/script in...
CVE-2012-5233
Cross-site scripting XSS vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs...