EUVD-2012-1097

Malware in sbrugna...

EUVD-2006-2830

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-9449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms b...

CVE-2012-1060

Multiple cross-site scripting XSS vulnerabilities in revisioningtheme.inc in the Taxonomy module in the Revisioning module 6.x-3.13 and other versions before 6.x-3.14 for Drupal allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 tags or 2 ter...

PT-2024-40387 · Silverstripe · Silverstripe/Taxonomy Module

Name of the Vulnerable Software and Affected Versions: silverstripe/taxonomy module affected versions not specified Description: The issue is related to SQL injection in the silverstripe/taxonomy module. It specifically affects the TaxonomyDirectoryController controller, which is disabled by...

Drupal sensitive information disclosure

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags...

GHSA-P745-347H-HJFW Drupal sensitive information disclosure

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags...

DRUPAL-CONTRIB-2022-014

This module enables users to create 'private' vocabularies. The module doesn't sufficiently check user access permissions when attempting to view, edit, or add terms to vocabularies, including vocabularies not managed by the module. Partial mitigation is available by requiring users have been...

Private Taxonomy Terms - Critical - Access bypass, Information Disclosure, Multiple vulnerabilities - SA-CONTRIB-2022-014

This module enables users to create 'private' vocabularies. The module doesn't sufficiently check user access permissions when attempting to view, edit, or add terms to vocabularies, including vocabularies not managed by the module. Partial mitigation is available by requiring users have been...

CVE-2016-9449

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags...

UBUNTU-CVE-2016-9449

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags...

CVE-2016-9449

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags...

CVE-2016-9449

CVE-2016-9449 affects Drupal core (taxonomy module) on Drupal 7.x before 7.52 and 8.x before 8.2.3. The root cause is an inconsistent use of access query tags (taxonomy_term_access vs term_access) in query alteration, which could disclose taxonomy term information to remote authenticated users. T...

CVE-2016-9449

The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags...

Drupal 7.x < 7.52 / 8.x < 8.2.3 Multiple Vulnerabilities

The version of Drupal running on the remote web server is 7.x prior to 7.52 or 8.x prior to 8.2.3. It is, therefore, affected by the multiple vulnerabilities : - An information disclosure vulnerability exists in the taxonomy module when using access query tags that are inconsistent with the...

CVE-2015-4365

Cross-site scripting XSS vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...

Mandriva Linux Security Advisory : drupal (MDVSA-2014:031)

Multiple security issues was identified and fixed in drupal : The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors CVE-2014-1475. The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an earli...

[SECURITY] [DSA 2847-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2847-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 20, 2014 http://www.debian.org/security/faq -...

MGASA-2014-0031 Updated drupal package fixes security vulnerabilities

Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts CVE-2014-1475. Matt Vance and Damien Tournoud reported an access bypass vulnerability in the...

CVE-2014-1476

The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an earlier version of Drupal, does not properly restrict access to unpublished content, which allows remote authenticated users to obtain sensitive information via a listing page...