226 matches found
FreeBSD : drupal -- multiple vulnerabilities (12efc567-9879-11dd-a5e7-0030843d3802)
The Drupal Project reports : A logic error in the core upload module validation allowed unprivileged users to attach files to content. Users can view files attached to content which they do not otherwise have access to. If the core upload module is not enabled, your site will not be affected. A...
drupal -- multiple vulnerabilities
The Drupal Project reports: A logic error in the core upload module validation allowed unprivileged users to attach files to content. Users can view files attached to content which they do not otherwise have access to. If the core upload module is not enabled, your site will not be affected. A...
Mihalism Multi Host Download - Username Blind SQL Injection
Mihalism Multi Host Download - Username Blind SQL Injection ?php / Moubik Romanian Security Team - http://rstzone.org presents Mihalism Multi Host Download - Blind SQL Injection Attack Thanks to Vladii for telling me about the CMS. Thanks to Shocker for telling Vladii about the CMS. Shoutz to...
DRUPAL-SA-2006-011 XSS Vulnerability in user module
A malicious user can execute a cross site scripting attack by enticing someone to visit a Drupal site via a specially crafted link. Versions affected Drupal 4.6.x versions before Drupal 4.6.9 Drupal 4.7.x versions before Drupal 4.7.3 Solution If you are running Drupal 4.6.x then upgrade to Drupal...
phpWebSite 0.7.30.8.x0.9.3 - User Module HTTP Response Splitting
phpWebSite 0.7.30.8.x0.9.3 - User Module HTTP Response Splitting source: https://www.securityfocus.com/bid/11673/info A remote HTTP response splitting vulnerability reportedly affects phpWebSite in its user module. This issue is due to a failure of the application to properly sanitize user-suppli...
phpWebSite 0.7.3/0.8.x/0.9.3 - User Module HTTP Response Splitting
source: https://www.securityfocus.com/bid/11673/info A remote HTTP response splitting vulnerability reportedly affects phpWebSite in its user module. This issue is due to a failure of the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to...