Lucene search
K

50 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-7926

Malware in sbrugna...

3.5CVSS6.4AI score0.01046EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-4231

Malware in sbrugna...

2.1CVSS6.4AI score0.01264EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2013-1803

Malware in sbrugna...

2.1CVSS6.4AI score0.00962EPSS
Exploits0References5
Prion
Prion
added 2019/11/13 9:15 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the zenbreadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the...

3.5CVSS5.7AI score0.01037EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2019/11/13 8:43 p.m.71 views

CVE-2013-4275

The Drupal Zen theme vulnerability CVE-2013-4275 affects Zen 6.x-1.x; 7.x-3.x before 7.x-3.2; and 7.x-5.x before 7.x-5.4. The root cause is a missing escape in zen_breadcrumb (template.php) for the breadcrumb separator field, allowing remote authenticated users with the administer themes permissi...

5.4CVSS5.1AI score0.01037EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2019/11/13 8:43 p.m.22 views

CVE-2013-4275

Cross-site scripting XSS vulnerability in the zenbreadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the...

5.2AI score0.01037EPSS
Exploits1References8
OSV
OSV
added 2019/05/08 4:56 p.m.3 views

DRUPAL-CORE-2019-007

This security release fixes third-party dependencies included in or required by Drupal core. As described in TYPO3-PSA-2019-007: By-passing protection of Phar Stream Wrapper Interceptor: In order to intercept file invocations like file\exists or stat on compromised Phar archives the base name has...

9.8CVSS6.9AI score0.05586EPSS
Exploits0References1
CVE
CVE
added 2015/11/17 3:0 p.m.46 views

CVE-2015-8233

The MAYO Drupal theme (7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6) is affected by an XSS vulnerability. Root cause: insufficient sanitization in theme settings that remote administrators with the Administer themes permission can exploit to inject arbitrary script/HTML. Impact: potential fo...

2.6CVSS5.8AI score0.01316EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2014/10/13 6:55 p.m.22 views

CVE-2014-8746

Cross-site scripting XSS vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...

3.5CVSS5.2AI score0.00946EPSS
Exploits0References4
Prion
Prion
added 2014/10/13 6:55 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...

3.5CVSS5.6AI score0.00946EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/10/13 6:0 p.m.31 views

CVE-2014-8746

Cross-site scripting XSS vulnerability in the Skeleton theme 7.x-1.2 through 7.x-1.3 before 7.x-1.4, for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...

5.2AI score0.00946EPSS
Exploits0References4
CVE
CVE
added 2014/10/13 6:0 p.m.47 views

CVE-2014-8746

The CVE-2014-8746 entry refers to a Cross-site scripting (XSS) vulnerability in the Skeleton theme for Drupal, affecting versions 7.x-1.2 through 7.x-1.3 prior to 7.x-1.4. The issue allows remote authenticated users who have the "administer themes" permission to inject arbitrary web script or HTM...

3.5CVSS5.3AI score0.00946EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2014/10/09 2:55 p.m.19 views

CVE-2014-8077

Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...

3.5CVSS5.3AI score0.01046EPSS
Exploits0References6
NVD
NVD
added 2014/10/09 2:55 p.m.25 views

CVE-2014-8076

Cross-site scripting XSS vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information...

3.5CVSS5.2AI score0.00946EPSS
Exploits0References4
Prion
Prion
added 2014/10/09 2:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information...

3.5CVSS5.6AI score0.00946EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/10/09 2:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...

3.5CVSS5.6AI score0.01046EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2014/10/09 2:0 p.m.24 views

CVE-2014-8079

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to header background setting...

5.2AI score0.0118EPSS
Exploits0References6
Cvelist
Cvelist
added 2014/10/09 2:0 p.m.24 views

CVE-2014-8076

Cross-site scripting XSS vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information...

5.2AI score0.00946EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/10/09 2:0 p.m.24 views

CVE-2014-8077

Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...

5.3AI score0.01046EPSS
Exploits0References6
Prion
Prion
added 2014/10/08 6:55 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings...

3.5CVSS5.6AI score0.00946EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder