EUVD-2015-8480

Malware in sbrugna...

CVE-2015-8602

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restrictions and possibly obtain sensitive information by inserting a token, which embeds a rendered...

Drupal Token Insert Entity Module Information Disclosure Vulnerability

Drupal is a free and open source content management system developed in PHP.Token Insert Entity is one of the modules that provides the ability to embed tokens for opened entities or nodes. Drupal Token Insert Entity fails to properly check permissions, which can be exploited by remote attackers ...

CVE-2015-8602

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restrictions and possibly obtain sensitive information by inserting a token, which embeds a rendered...

Code injection

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restrictions and possibly obtain sensitive information by inserting a token, which embeds a rendered...

CVE-2015-8602

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restrictions and possibly obtain sensitive information by inserting a token, which embeds a rendered...

CVE-2015-8602

The CVE-2015-8602 issue affects the Drupal Token Insert Entity module (7.x-1.x) prior to 7.x-1.1. The vulnerability arises from improper permission checks that let remote authenticated users with certain permissions bypass access restrictions and insert a token that embeds a rendered entity into ...