|
295691
|
- |
|
earl_dunovant
|
monthly_archive_by_node_type
|
The Monthly Archive by Node Type module 6.x for Drupal does not properly check permissions defined by node_access modules, which allows remote attackers to access restricted nodes via unspecified vec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4491
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295692
|
- |
|
ricky_morse
|
excluded_users
|
Multiple cross-site scripting (XSS) vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a (1) user name or…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4490
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295693
|
- |
|
mark_burdett
|
securelogin
|
Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites a…
|
CWE-20
Improper Input Validation
|
CVE-2012-4489
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295694
|
- |
|
location_module_project
|
location
|
The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 for Drupal does not properly check user or node access permissions, which allows remote attackers to read node or user results via…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4488
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295695
|
- |
|
manuel_garcia
|
galleryformatter
|
Multiple cross-site scripting (XSS) vulnerabilities in the galleryformatter_field_formatter_view functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow rem…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4485
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295696
|
- |
|
trexart
|
campaignmonitor
|
Cross-site scripting (XSS) vulnerability in the administrative interface in the Campaign Monitor module before 6.x-2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4484
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295697
|
- |
|
acquia
|
commons
|
The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4483
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295698
|
- |
|
longwaveconsulting
|
ubercart_securetrading_payment_method_module
|
The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspeci…
|
CWE-20
Improper Input Validation
|
CVE-2012-4482
|
2024-11-21 10:42 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295699
|
- |
|
libtiff
|
libtiff
|
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF im…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4447
|
2024-11-21 10:42 |
2012-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295700
|
- |
|
c61
|
tokyo_bbs
|
Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on Girls Interface (CGI) Tokyo BBS allows remote attackers to inject arbitrary web script or HTML via vectors related to the error pa…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4019
|
2024-11-21 10:42 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
