1940 matches found
SA-CONTRIB-2013-008 - CurvyCorners - Cross Site Scripting (XSS) - module unsupported
The CurvyCorners module enables you to create rounded corners on HTML block elements. The module doesn't sufficiently filter user entered text when being displayed. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer curvycorners". CVE...
SA-CONTRIB-2012-139 - PDFThumb OS Injection
PDFThumb module creates thumbnail images of PDF files. The module doesn't sufficiently escape user-entered values when executing commands on the server allowing an attacker to execute whatever commands are available to the web server user e.g. www-data. This vulnerability is mitigated by the fact...
SA-CONTRIB-2012-132 - Announcements - Access Bypass
The Announcements module creates an "announcement" content type and provides both node views and block lists. The module doesn't sufficiently check node access under certain conditions. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access...
SA-CONTRIB-2012-117 - Location - Access Bypass
The Location module allows real-world geographic locations to be associated with Drupal nodes, including people, places, and other content. The Location Search sub-module adds a search page for searching for locations. The Location Search module fails to enforce content and user access permission...
SA-CONTRIB-2012-115 - Gallery formatter - Cross Site Scripting (XSS)
Gallery formatter provides a field formatter for images that turns the fields into jQuery galleries. The module did not properly escape input from the user before printing it to the browser, allowing malicious users to inject script code into the page. This vulnerability is mitigated by the fact...
SA-CONTRIB-2011-057 - Support Ticketing System - Cross Site Scripting (XSS)
The Support Ticketing System module provides a basic ticketing system and helpdesk that is native to Drupal, offering complete email integration. The module does not properly sanitize user-supplied content, resulting in multiple Cross-Site Scripting XSS vulnerabilities. This vulnerability is...
SA-CONTRIB-2011-058 - Support Timer - Cross Site Scripting (XSS)
The Support Timer module adds a javascript-based timer to the Support Ticketing System for tracking how long users are working on support tickets, as well as administrative reports. The module does not properly sanitize user-supplied content, resulting in multiple Cross-Site Scripting XSS...
SA-CONTRIB-2011-040 Author Pane access bypass
The Author Pane module provides information about users on a site. This module has integration with several other modules including the user locations of the Location module. If you enabled display of user locations the Author Pane module may have shown user locations to site visitors who did not...
SA-CONTRIB-2011-025 - Juitter & Download Count - Cross Site Scripting (XSS)
Two modules are being unsupported due to cross site scripting issues. The Juitter module enables you to use Juitter, a jQuery plugin, to put live Twitter search results on your site. The Juitter module contains a cross site scripting XSS vulnerability that can be exploited when setting up the...
SA-CONTRIB-2011-014 - Webform Block - Cross Site Scripting
The Webform Block module enables users to make a webform available as a block. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability that may lead to a malicious user gaining full administrative access. The...
SA-CONTRIB-2010-103 - Node Relativity - Multiple vulnerabilities
The Node Relativity module allows parent-child relationships between nodes to be established, managed and searched. The Node Relativity module does not sanitize some of the user supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability which can be used by a maliciou...
SA-CONTRIB-2010-083 - Ubercart sub-modules - Multiple Vulnerabilities
The Ubercart module for Drupal provides e-commerce features. Several modules within Ubercart were vulnerable to various security issues. 1. The 2Checkout gateway module did not properly verify the payment notification information. A malicious user could use a specially crafted HTTP request to...
SA-CONTRIB-2010-078 - Kaltura - Information disclosure
The Kaltura module integrates the Kaltura open source video platform with Drupal. When installing, uninstalling, or configuring the module, it would surreptitiously inject a hidden iframe into the messages displayed to the administrator with the source pointing to corp.kaltura.com/stats/drupal...
SA-CONTRIB-2010-071 - MultiSafepay Integration - Cross Site Request Forgery
The MultiSafepay Integration module provides integration between the Ubercart e-commerce solution and the MultiSafepay payment system. The module is vulnerable to Cross Site Request Forgeries CSRF which would allow a malicious user to alter the status of orders or to trick other users into alteri...
SA-CONTRIB-2010-045 - Auto Assign Role - Access bypass
The Auto Assign Role serves three primary purposes. The first is to provide an automatic assignment of roles when a new account is created. The second is to allow the end user the option of choosing their own role or roles when they create their account. The third is to provide paths that will...
SA-CONTRIB-2010-046: Award - Cross Site Scripting
The Award module allows administrators to identify one or more content types as "awards" that can be granted to users. When the title of an award is displayed on a user's profile page it is not properly sanitized, resulting in a cross site scripting vulnerability. Attackers must have the permissi...
SA-CONTRIB-2010-040: FileField - Access Bypass
FileField provides a file upload field for CCK, allowing files to be attached to a node. FileField intends to set a default extension of "txt" for all new fields, but may actually save an empty string allowing all extensions if an administrator does not save the field configuration page after...
SA-CONTRIB-2010-038 - Privatemsg - Access bypass
The Privatemsg module allows to send private messages between users. Additionally, the sub module Privatemsg Email Notification sends e-mail notification when such a message is sent. The page to configure the template for these e-mails does not use the correct access permission which allows all...
SA-CONTRIB-2010-035: Smileys - Cross Site Request Forgery
The Smileys module provides a text filter that substitutes emoticons with images. The module is vulnerable to cross-site request forgeries CSRF via the URL used to delete smileys. A user with "administer smileys" permission could be tricked into visiting the smiley delete URL and unwittingly remo...
SA-CONTRIB-2010-019 - Weekly Archive by Node Type - Access Bypass
The Weekly Archive by Node Type module generates weekly archive pages and a block with links to the pages. You can specify the node types that will be included in the archive pages. In weekly summaries listings, the Weekly Archive by Node Type module does not construct its SQL query to respect no...
SA-CONTRIB-2009-115 - Autocomplete Widgets for CCK Text and Number - Information Disclosure
Autocomplete Widgets module adds 2 autocomplete widgets for CCK fields of type Text and Number. The autocomplete callback implemented by this module does not honor permissions to access CCK fields, allowing users to see field values even though they are not authorized to access that information...
SA-CONTRIB-2009-114 - Automated Logout - Cross Site Scripting
This module provides a site administrator the ability to log users out after a specified time of inactivity. The module does not sanitize some of the user-supplied data before displaying it, leading to a cross-site scripting XSS vulnerability. Users who can take advantage of this vulnerability...
SA-CONTRIB-2009-107 - Ubercart - Access bypass, Cross site request forgery
Ubercart's PayPal Website Payments Standard integration exposes a path for completed orders without properly checking that the order is valid for the current user. In the event that the order has already been processed for checkout, this can result in duplicate actions taking place inadvertently...
SA-CONTRIB-2009-103 - Strongarm - Cross Site Scripting
The Strongarm module enables other modules to enforce variable settings programmatically. It can also be used to override any of these variables, and lets the administrator see which variables have been overridden, along with their current values. When using the settings page to see overridden...
SA-CONTRIB-2009-093 - Temporary Invitation - Cross Site Scripting
The Temporary Invitation module enables site users to invite guests for a limited timespan. For each invitation, a new user is created, together with a login code e.g. "EbN2F3" that the user can use to log in. The module fails to sanitize a value in Name field which is included in the invitation,...
SA-CONTRIB-2009-084 - LDAP Integration - Multiple Vulnerabilities
The LDAP Integration module enables users to authenticate against LDAP servers. The module does not properly implement confirmation pages for the LDAP server activation/deactivation which could lead to a Cross Site Request Forgery CSRF attack. The user defined server name is not properly escaped ...
SA-CONTRIB-2009-076 - Flag Content Cross Site Scripting
The Flag Content module enables users to flag nodes and users for the attention of a site maintainer e.g. for abuse, spam, trolling, ...etc.. In some specific cases, the module does not sanitize before outputting the Reason field, resulting in a cross-site scripting XSS vulnerability. Such an...
SA-CONTRIB-2009-068 - Boost - Filesystem Directory Creation
The Boost module provides a static file-based cache of Drupal pages for anonymous users. A vulnerability in the module allows an attacker to create new directories inside the webroot that the web server can write to. Existing directories cannot be changed using this vulnerability, but it can be...
SA-CONTRIB-2009-067 Dex module - Cross Site Scripting, no longer maintained
The Dex: Contact Information Manager module enables contact information management with Google Maps and Yahoo Maps compatible geocoding. The module suffers from a Cross Site Scripting XSS vulnerability. Such an attack may lead to a malicious user gaining full administrative access. This module is...
SA-CONTRIB-2009-064 - Bibliography module - Cross Site Scripting
The Bibliography module also known as Biblio allows users manage and display lists of scholarly publications. The Biblio module creates customized views in order to display these listings, and these listings contain text entered by users with the 'create biblio' permission. In some cases, the...
SA-CONTRIB-2009-062 - Devel - Cross Site Scripting
The Devel module contains many useful developer functions, such as a query log and the display of variables. When using the variable editor, the module does not properly sanitize the output of the variable name before display, leading to a cross-site scripting XSS vulnerability. Such an attack ma...
SA-CONTRIB-2009-055 - BUEditor - Cross Site Scripting
The BUEditor module provides a plain textarea editor designed to facilitate code writing. The module suffers from a Cross Site Scripting XSS vulnerability, which allows an attacker to hijack the account of a logged in user by tricking them into visiting a seemingly innocent page using the Live...
SA-CONTRIB-2009-049 - Live - Privilege escalation, Impersonation
The Live module provides dynamic previews of content. When editing certain content nodes, the current user becomes logged in as the content's original author. Versions affected Live for Drupal 6.x prior to 6.x-1.2 Drupal core is not affected. If you do not use the contributed Live module, there i...
SA-CONTRIB-2009-040 - Advanced Forum - Multiple vulnerabilities
Cross-site scripting The Advanced Forum module does not correctly handle certain arguments obtained from the URL. By enticing a suitably privileged user to visit a specially crafted URL, a malicious user is able to insert arbitrary HTML and script code into forum pages. Such a cross-site scriptin...
SA-CONTRIB-2009-038 - Nodequeue - Multiple vulnerabilities
The Nodequeue module enables an administrator to arbitrarily put nodes in a group for some purpose, such as providing a listing of nodes or featuring a particular node. It suffers from a cross-site scripting XSS vulnerability due to not properly sanitizing vocabulary names before they are...
SA-CONTRIB-2009-012 - Printer, e-mail and PDF versions - Unrestricted e-mailing (spam)
The "Send by e-mail" module, part of the "Printer, e-mail and PDF versions" project, allows users to send e-mail messages while viewing content on the site. This module was found to have multiple vulnerabilities. Unrestricted e-mailing spam Due to improper use of Drupal's flood control API, it is...
SA-CONTRIB-2009-011 Tasklist - SQL injection and Cross site scripting
Tasklist does not properly use the Drupal database API and inserts values from the URL directly into queries. This can be exploited to perform SQL Injection attacks. These attacks may lead to a malicious user gaining full administrator access. In addition, Tasklist allows users to add CSS to page...
SA-CONTRIB-2009-003 - Internationalizaion (i18n) Translation module - Access bypass
The third-party i18n module enables users to make a translation of an existing item of content a node. In that process the existing node's content is copied into the new node. The module contains a flaw that allows a user with the 'translate node' permission to potentially bypass normal viewing...
SA-2008-070 - Comment Mail - Cross site request forgery
The Comment Mail module allows an email to be sent to the site administrators when new comments are posted. Links in the email allow for quick approval, editing, deletion of the comment and/or banning of the poster's IP address. Unfortunately some links are vulnerable to cross site request...
SA-2008-059 - Brilliant Gallery - SQL Injection and Cross Site Scripting
The Brilliant Gallery module allows users to publish photos in galleries. Two vulnerabilities were found in the module. SQL Injection Brilliant Gallery does not properly use the Drupal database API and inserts values from URLs directly into queries. This can be exploited to perform SQL Injection...
SA-2008-028 - Internationalization and Localizer - Cross site scripting
The Internationalization i18n and Localizer modules add multi-lingual capabilities to Drupal sites. They provide control over a site's user interface language, the ability to enter and control content in multiple languages, and can detect the browser language. Several values are displayed without...
SA-2008-025 - Simple access - Access bypass
The Simple Access module is a node access module that allows administrators to make some nodes private and/or editable by certain user roles. The module contains a flaw that results in the privacy information for a node being lost under certain conditions. These conditions are usually triggered v...
SA-2008-020 - Ubercart - Cross site scripting
The attribute module allows customers to enter a text value as an attribute for a product, like a name to stitch into a hat. However, when these text values were displayed in the shopping cart or on order pages, there was a possibility for a malicious user to perform a cross site scripting attack...
SA-2008-013 - Project issue tracking - Arbitrary file upload
The Project issue tracking module has a vulnerability where new issues are not properly validated. If the core Upload module is enabled on issue nodes the recommended configuration for the 5.x-2. series, this vulnerability can be used to attach malicious files to new issues, regardless of the...
SA-2008-10 - Archive - Cross site scripting
The Archive module provides a replacement for the archive functionality that was present in Drupal 4.7. Certain URL arguments are not escaped before display. It is therefore possible to inject arbitrary HTML and script code into certain archive pages, which may lead to administrator access if...
SA-2008-001 - Devel - Cross site scripting
The devel module contains many useful developer functions, such as a query log and the display of variables. The contents of the variable table is not escaped prior to display. Should an unprivileged user be able to control the contents of a site variable, it would be possible to inject arbitrary...
SA-2008-004 - Fileshare - Arbitrary code execution
The fileshare module is used to create nodes that allow browsing, uploading, downloading and deleting of files from a fileshare directory that is created by Drupal and linked to the node. Users who are able to create fileshare nodes are able to execute arbitrary code on the server. Versions...
SA-2007-021: Project issue tracking - XSS vulnerabilities in subscription forms.
The Project issue tracking module provides a subscription functionality enabling users to sign up for e-mail notification of issue updates. The subscriptions can be edited on both an individual or overview form. Users who have permissions to create or edit projects may be able to inject arbitrary...
Project and Project issue tracking - Multiple vulnerabilities
Multiple vulnerabilities have been discovered and fixed in the Project and Project issue tracking modules: Access bypass in Project issue tracking Due to an error in the projectissueaccess function, users with the 'Access project issues' permission would have full access to all issues on a site,...
Search Keywords cross site scripting vulnerability
It is possible for a malicious user to insert and execute XSS Cross Site Scripting, due to lack of validation on output. This may lead to administrator access if certain conditions are met. Learn more about XSS on Wikipedia. Versions affected Drupal core is not affected. If you do not use the...