4 matches found
CVE-2010-4521
This entry (CVE-2010-4521) concerns the Drupal Views module (6.x) before 6.x-2.12. The vulnerability is an XSS flaw that allows an attacker to inject arbitrary web script or HTML via a page path, as described by connected sources (Drupal/VI). The OpenVAS/Nessus entries corroborate XSS in the Drup...
CVE-2010-4519
The CVE-2010-4519 entry concerns Drupal’s Views module (Views UI) with cross-site request forgery vulnerabilities in the 5.x series (<5.x-1.8) and the 6.x series (
CVE-2010-4520
The CVE-2010-4520 entry describes multiple cross-site scripting (XSS) vulnerabilities in Drupal’s Views module for 6.x releases, specifically before 6.x-2.11. The issue allows remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator feed title. The provided docum...
CVE-2011-4113
CVE-2011-4113 describes a SQL injection vulnerability in the Drupal Views module , present in versions before 6.x-2.13 . The issue allows remote attackers to execute arbitrary SQL commands via vectors related to the filters/arguments on certain types of views with specific configurations of argum...