CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-5441

Malware in sbrugna...

6.8CVSS6.4AI score0.00116EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 3:16 a.m.•5 views

CVE-2012-5549

Cross-site request forgery CSRF vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.6AI score0.00116EPSS

Exploits0References1

NVD•added 2012/12/03 9:55 p.m.•14 views

CVE-2012-5548

Cross-site scripting XSS vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00263EPSS

Exploits0References2

NVD•added 2012/12/03 9:55 p.m.•14 views

CVE-2012-5549

Cross-site request forgery CSRF vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.1AI score0.00116EPSS

Exploits0References2

Prion•added 2012/12/03 9:55 p.m.•10 views

Sql injection

SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.00366EPSS

Exploits0References2Affected Software1

Prion•added 2012/12/03 9:55 p.m.•12 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.6AI score0.00116EPSS

Exploits0References2Affected Software1

Prion•added 2012/12/03 9:55 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.00263EPSS

Exploits0References2Affected Software1

CVE•added 2012/12/03 9:0 p.m.•36 views

CVE-2012-5549

CVE-2012-5549 : CSRF vulnerability in the Drupal contributed Time Spent module (6.x/7.x) allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. The Time Spent module had insufficient input sanitization, affecting all versions. Drupal core is not affected....

6.8CVSS7.3AI score0.00116EPSS

Exploits0References2Affected Software1

CVE•added 2012/12/03 9:0 p.m.•34 views

CVE-2012-5548

CVE-2012-5548 is a Drupal Time Spent module (6.x/7.x) XSS vulnerability caused by insufficient input sanitization. Reports in the Drup al security advisory note multiple vulnerabilities (XSS, CSRF, SQL injection) across all Time Spent module versions, with Drupal core unaffected. Remediation per ...

4.3CVSS5.9AI score0.00263EPSS

Exploits0References2Affected Software1

Cvelist•added 2012/12/03 9:0 p.m.•14 views

CVE-2012-5548

Cross-site scripting XSS vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00263EPSS

Exploits0References2

CVE•added 2012/12/03 9:0 p.m.•35 views

CVE-2012-5550

Summary: CVE-2012-5550 describes a SQL injection vulnerability in the Drupal contributed Time Spent module (versions 6.x and 7.x). The underlying issue is that the module does not sufficiently sanitize user input, enabling remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.7AI score0.00366EPSS

Exploits0References2Affected Software1

Drupal•added 2012/10/24 12:0 a.m.•16 views

SA-CONTRIB-2012-157 - Time Spent - Multiple Vulnerabilities - (unsupported)

The Time Spent module tracks the time a registered user spends on a site and a site's content. The module doesn't sufficiently sanitize user input. Cross site scripting, cross-site request forgery, and SQL injection vulnerabilities have all been found. Note that none of these vulnerabilities have...

7.5CVSS7.3AI score0.00366EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by