6 matches found
EUVD-2014-1478
Malware in sbrugna...
EUVD-2007-5572
Malware in sbrugna...
CVE-2014-1400
The entityaccess API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors...
Authentication flaw
The hookcomments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by 1 Organic groups and 2 Subscriptions...
CVE-2007-5597
The hookcomments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by 1 Organic groups and 2 Subscriptions...
CVE-2007-5597
The hookcomments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by 1 Organic groups and 2 Subscriptions...