|
290541
|
- |
|
ubercart
|
ubercart
|
Cross-site scripting (XSS) vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0322
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290542
|
- |
|
ubercart_views_project
|
uc_views
|
Cross-site scripting (XSS) vulnerability in Views in the Ubercart Views (uc_views) module 6.x before 6.x-3.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full nam…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0321
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290543
|
- |
|
mattias_hutterer
|
taxonomy_manager
|
Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manager (taxonomy_manager) module 6.x-2.x before 6.x-2.2 and 7.x-1.x before 7.x-1.0-rc1 for Drupal allows remote attackers to hijack th…
|
CWE-352
Origin Validation Error
|
CVE-2013-0320
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290544
|
- |
|
yandex.metrics_project
|
yandex_metrics
|
Cross-site scripting (XSS) vulnerability in the Yandex.Metrics module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0319
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290545
|
- |
|
banckle_chat_project
|
banckle_chat
|
The admin page in the Banckle Chat module for Drupal does not properly restrict access, which allows remote attackers to bypass intended restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0318
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290546
|
- |
|
joe_haskins
|
og_manager_change
|
Cross-site scripting (XSS) vulnerability in the Manager Change for Organic Groups (og_manager_change) module 7.x-2.x before 7.x-2.1 for Drupal might allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0317
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290547
|
- |
|
drupal
|
drupal
|
The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests.
|
CWE-399
Resource Management Errors
|
CVE-2013-0316
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290548
|
- |
|
elliot_pahl
|
drush_debian_packaging
|
Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obtain database credentials via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0260
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290549
|
- |
|
boxes_project
|
boxes
|
Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with administer or edit boxes permissions to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0259
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290550
|
- |
|
google_authenticator_login_project
|
ga_login
|
The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 for Drupal, when multi-factor authentication is enabled, allows remote attackers to bypass authentication for accounts without an a…
|
CWE-287
Improper Authentication
|
CVE-2013-0258
|
2024-11-21 10:47 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
