1940 matches found
SA-CONTRIB-2015-061 - Ubercart Webform Integration - Cross Site Scripting (XSS)
Ubercart Webform Integration module integrates Webform and Ubercart modules. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission to...
SA-CONTRIB-2014-118 - Administer Users by Role - Access Bypass - Unsupported
This module enables site builders to set up fine-grained permissions for allowing users to edit and delete other users. The module doesn't sufficiently validate access permissions, enabling users who supposedly have limited permissions to grant themselves more permissions. This vulnerability is...
SA-CONTRIB-2014-115 - Form Builder - Cross-Site Scripting (XSS)
The Form Builder module enables users to build entire Form API structures through a graphical, AJAX-like interface. The module doesn't sufficiently sanitize form titles in some cases. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create forms...
SA-CONTRIB-2014-103 - Passwordless - Cross Site Scripting (XSS)
This module replaces the regular Drupal login form with a modification of the password-request form, to give the possibility to log in without using a password. The module doesn't sufficiently sanitize user-generated text entered in the module's configuration form. This vulnerability is mitigated...
SA-CONTRIB-2014-102 - Document - Cross Site Scripting
Document module is a basic Document Management System for Drupal. Cross Site Scripting XSS The module wasn't sanitizing user input sufficiently in a few use cases. This vulnerability is mitigated by the the fact that a user must have permissions to add or edit documents to be able to exploit the...
SA-CONTRIB-2014-096 - OAuth2 Client - Cross Site Scripting (XSS)
OAuth2 Client is an API support module, enabling other modules to connect to services using OAuth2 authentication. Within its API code the Client class exposes variables in an error message, which originate from a third party source without proper sanitisation thus leading to a Cross Site Scripti...
SA-CONTRIB-2014-057 - Password policy - General logic error
This module enables you to define password policies with various constraints on allowable user passwords. The history constraint, when enabled, disallows a user's password from being changed to match a specified number of their previous passwords. Beginning with Password Policy 7.x-1.4, the histo...
SA-CONTRIB-2014-056 - Commerce Moneris - Information Disclosure
Commerce Moneris is a payment module that integrates the Moneris payment system with Drupal Commerce. The module stores credit card data in a commerce order object unnecessarily for the purpose of passing the credit card information to the payment gateway. The credit card information is never...
SA-CONTRIB-2014-053 - Field API Tab Editor (FATE) - Access bypass
This module allows each entity field to be individually edited via its own custom page, accessible via a tab on the entity's page. The module returns an incorrect value to hookmenu if the current user does not have access to edit the entity. This allows users who would not normally have access to...
SA-CONTRIB-2014-049 - Organic Groups (OG) - Access Bypass
Organic groups OG enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. OG doesn't sufficiently check the permissions when a group member is pending or blocked status within the gro...
SA-CONTRIB-2014-024 - Content Lock - CSRF
This module prevents people from editing the same content at the same time. It adds a locking layer to nodes. It does not protect from CSRF. CVE identifiers issued ACVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes. Versions affected All...
SA-CONTRIB-2013-083 - Quiz - Access Bypass
Access bypass on deleting quiz results The Quiz module provides tools for authoring and administering quizzes through Drupal. A quiz is given as a series of questions, with only one question appearing per page. Scores are then stored in the database. The module doesn't sufficiently check the dele...
SA-CONTRIB-2013-059 - Hostmaster (Aegir) - Access Bypass
This install profile and accompanying suite of modules enables you to install, upgrade, deploy, and backup Drupal sites among other things. The module doesn't sufficiently control access to running tasks on sites, under the scenario where a user successfully guesses a sites' path in the Aegir...
SA-CONTRIB-2013-008 - CurvyCorners - Cross Site Scripting (XSS) - module unsupported
The CurvyCorners module enables you to create rounded corners on HTML block elements. The module doesn't sufficiently filter user entered text when being displayed. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer curvycorners". CVE...
SA-CONTRIB-2012-139 - PDFThumb OS Injection
PDFThumb module creates thumbnail images of PDF files. The module doesn't sufficiently escape user-entered values when executing commands on the server allowing an attacker to execute whatever commands are available to the web server user e.g. www-data. This vulnerability is mitigated by the fact...
SA-CONTRIB-2012-121 - Shorten URLs - Cross Site Scripting (XSS)
The Shorten URLs module provides an API to shorten URLs via many services like bit.ly and TinyURL, as well as a block and a page that provide an interface for easily shortening URLs. Cross Site Scripting via report The module doesn't sufficiently sanitize user input when displaying shortened URLs...
SA-CONTRIB-2012-119 - Excluded Users - Cross Site Scripting (XSS)
Excluded Users is a helper module which allows administrators to select users to not appear in user listings. The module displays a list of user names and email addresses without sanitizing them. In the event that someone manages to insert malicious code into a user name or email address, this...
SA-CONTRIB-2012-113 - Drupal Commons - Access Bypass
Drupal Commons is a ready-to-use solution for building either internal or external communities. The Drupal Commons feature a central module in the distribution includes a listing of recent comments on discussions. This listing of comments is powered by a view that doesn't fully enforce node acces...
SA-CONTRIB-2012-109 - Restrict node page view - Access bypass
This module enables you to disable direct access to node pages node/XXX based on nodetypes and permissions. The module issues a NODEACCESSALLOW if it's permissions are met, but does not respect the "administer nodes" or "access own unpublished content" permissions. The consequence is that this...
SA-CONTRIB-2012-090 - File depot - Session Management Vulnerability
The filedepot module is a Document Management module. It fulfills the need for an integrated file management module supporting role and user based security. Documents can be saved outside the Drupal public directory to protect documents for safe access and distribution. The module has a Session...
SA-CONTRIB-2011-051 - Hotblocks module - multiple vulnerabilities
The HotBlocks module provides a rich experience for managing blocks. The module contained multiple vulnerabilities including Cross Site Scripting XSS, Access Bypass, and Cross Site Request Forgery CSRF. XSS is mitigated by the fact that an attacker must have a role with the permission "administer...
SA-CONTRIB-2011-050 - Organic groups - Access bypass
Organic groups OG enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. OG has an API function to check access to an entity which is in a group "context". When the entity isn't in a...
SA-CONTRIB-2011-037- Node Invite - Cross Site Scripting
The Node Invite module allows you to invite users with existing accounts or otherwise to specified nodes on a Drupal site. This module does not properly use t strings to ensure all text was sanitized when data was output through a formseterror message, thus creating a Cross Site Scripting XSS...
SA-CONTRIB-2011-021 - Webform - Multiple Vulnerabilities
Webform module enables you to create custom webform or survey nodes. These nodes typically may be created either by editorial teams or administrators. Webform does not sufficiently check directory access when a user configures an upload field. This may allow a user to upload malicious files to th...
SA-CONTRIB-2011-014 - Webform Block - Cross Site Scripting
The Webform Block module enables users to make a webform available as a block. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability that may lead to a malicious user gaining full administrative access. The...
SA-CONTRIB-2011-009 - Droptor - SQL Injection
The Droptor module connects a Drupal site to Droptor.com, a Drupal monitoring and management solution. When capturing memory logging information the module does not filter the value input from the current page request variable. This vulnerability can be exploited to perform an SQL Injection attac...
SA-CONTRIB-2010-104 - Relevant Content - Information Disclosure
The Relevant Content module provides a block and CCK field which contain links to other nodes on the site which are considered "relevant" to the current nodes based on number of shared taxonomy terms. The Relevant Content module does not implement node access logic properly, resulting in the...
SA-CONTRIB-2010-094 - Embedded Media Field - Access bypass
The Embedded Media Field project is a set of modules that enable editors to post URL's and embed codes for third party media providers such as YouTube, Vimeo, or Flickr, which will be automatically parsed and displayed using preset formatters. The Embedded Video Field module packaged with the...
SA-CONTRIB-2010-087 - GovDelivery - Cross site scripting
The GovDelivery module provides integration with the GovDelivery On-Demand Mailer service, a web service for GovDelivery customers that sends messages directly based on configured account information. The module replaces the backend of SMTP library in your Drupal site with calls to the GovDeliver...
SA-CONTRIB-2010-074 - Drupad - Cross-site request forgery
The Drupad module is the companion module of the iPhone / iPodTouch application also called Drupad. The module doesn't check if the incoming request is made from the application, leading to a CSRF vulneraby. This vulnerability can be used to delete users and content, or set the site in offline mo...
SA-CONTRIB-2010-067 - Views - Multiple vulnerabilities
The Views module provides a flexible method for Drupal site designers to control how lists and tables of content are presented. Cross Site Request Forgery CSRF The Views UI module, which is included with Views, can be used to enable/disable Views by following a link to a particular page e.g...
SA-CONTRIB-2010-057 - Rotor Banner - Cross Site Scripting (XSS)
The Rotor Banner module allows users to upload images which can then be displayed in a block and rotated through using jQuery. However, when these images are displayed, the values for the various image attributes srs, title, alt are not properly sanitized, leading to a cross site scripting XSS...
SA-CONTRIB-2010-050 - CAPTCHA - Cross Site Scripting
The CAPTCHA module enables a site administrator to put a CAPTCHA form element a simple challenge that is easy for humans, but hard for automated spam bots on any form. The CAPTCHA module does not sanitize the CAPTCHA description that is added as help text to the CAPTCHA form element, allowing use...
SA-CONTRIB-2010-045 - Auto Assign Role - Access bypass
The Auto Assign Role serves three primary purposes. The first is to provide an automatic assignment of roles when a new account is created. The second is to allow the end user the option of choosing their own role or roles when they create their account. The third is to provide paths that will...
SA-CONTRIB-2010-023 - Workflow - Cross Site Scripting
When used in combination with the Token module, the Workflow module does not escape the text entered into the Comment field of the workflow fieldset on the node form. This allows a user with the permission to change the workflow state of a node to perform a Cross Site Scripting XSS attack if a...
SA-CONTRIB-2010-012 - ODF Import - Access Bypass (possible Cross Site Scripting)
ODF Import module enables users of a Drupal site to import content created in the ODF format e.g. using OpenOffice.org. When importing content it always used an input format which might not be available to the user importing the content leading to a cross-site scripting XSS vulnerability. Such an...
SA-CONTRIB-2010-003 - Forward - Cross site scripting
This module allows users to forward a link to a specific node on your site to a friend. The Forward module does not properly sanitize user supplied data, allowing users with the "access administration pages" and "administer forward" permissions, or users with "access administration pages" and...
SA-CONTRIB-2009-113 - FAQ - Cross Site Scripting
The Frequently Asked Questions faq module allows users, with the appropriate permissions, to create question and answer pairs which are displayed on the 'faq' page, and in the random and recent FAQ blocks. The module does not sanitize some of the user-supplied data before displaying it, leading t...
SA-CONTRIB-2009-104 - Feed Element Mapper - Cross Site Scripting
Feed Element Mapper is an add-on module for FeedAPI that maps elements on a feed item such as tags, or the author name, to taxonomy or CCK fields. These mappings are configurable by a point and click interface. When configuring the mapping, some values coming from external feeds are not sanitized...
SA-CONTRIB-2009-091 - Node Hierarchy - Cross Site Scripting
The Node Hierarchy module enables a site administrator to arrange their site into a tree-like structure. When displaying the list of children for a node the module does not properly sanitize the titles of the child nodes before outputting them, leading to a cross-site scripting XSS vulnerability...
SA-CONTRIB-2009-083 - CCK Comment Reference - Access Bypass
The CCK Comment Reference module enables administrators to define node fields that are references to comments. Users can access comments through the autocomplete path that the module provides even if they don't have access to read comments. Versions affected CCK Comment Reference module versions...
SA-CONTRIB-2009-080 - Simplenews Statistics - Multiple vulnerabilities
The Simplenews Statistics module provides newsletter statistics such as the open rate and CTR click-through rate. The module suffers multiple vulnerabilities, including Cross Site Request Forgeries CSRF, Cross Site Scripting problem Cross Site Scripting and Open Redirect. This problem allows an...
SA-CONTRIB-2009-081 - Abuse - Cross Site Scripting
The Abuse module enables users to flag nodes and comments as offensive, bringing them to the attention of the site maintainer for review. The module suffers from a Cross Site Scripting Cross Site Scripting vulnerability. Such an attack may lead to a malicious user gaining full administrative...
SA-CONTRIB-2009-070 - Shibboleth authentication - Impersonation, privilege escalation
The Shibboleth authentication module provides user authentication and authorisation based on the Shibboleth Web Single Sign-on system. The module does not properly handle the changes of the underlying Shibboleth session. This can result in impersonation and possible privilege escalation if a user...
SA-CONTRIB-2009-068 - Boost - Filesystem Directory Creation
The Boost module provides a static file-based cache of Drupal pages for anonymous users. A vulnerability in the module allows an attacker to create new directories inside the webroot that the web server can write to. Existing directories cannot be changed using this vulnerability, but it can be...
SA-CONTRIB-2009-057 - Date - Cross Site Scripting
The Date module provides a date CCK field that can be added to any content type. The Date module does not properly escape user data correctly in some cases when setting the page title. A malicious user with permission to post date content could attempt a cross site scripting XSS attack when...
SA-CONTRIB-2009-048 - Bibliography Module - Cross Site Scripting
The Bibliography module Biblio allows users to manage and display lists of scholarly publications. The module contains a cross site scripting vulnerability because it does not properly sanitize output of titles before display. A user who has the permission to create content displayed by the...
SA-CONTRIB-2009-045: Moderation - Cross Site Request Forgery
The Moderation module uses Ajax to provide a dynamic moderation queue for nodes and comments. The module is vulnerable to cross-site request forgeries CSRF via the AJAX hooks used to toggle the moderation bit. It allows a non-administrative user to trick an admin into publishing arbitrary moderat...
SA-CONTRIB-2009-026 - LoginToboggan - Access bypass
LoginToboggan includes a setting which, if enabled, allows users to log in using either their username or e-mail address. In some circumstances, previously blocked users may still be able to access the site if this setting is enabled. Versions affected LoginToboggan 6.x-1.x prior to 6.x-1.5...
SA-CONTRIB-2009-023 - News Page - SQL injection
The News Page module provides a node content type which displays feed items from an aggregator category, filtered by keywords entered into the 'Include Words' field of the node. Unfortunately the News Page module uses keywords directly in SQL queries without being sanitized, allowing SQL injectio...