|
293141
|
- |
|
mclewin
|
wishlist
|
Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.6 for Drupal allows remote attackers to hijack the authentication of arbitrary u…
|
CWE-352
Origin Validation Error
|
CVE-2012-2069
|
2024-11-21 10:38 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293142
|
- |
|
tiger-fish
|
fancy_slide
|
Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permissi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2068
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293143
|
- |
|
ckeditor
|
fckeditor
ckeditor
|
Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allo…
|
NVD-CWE-noinfo
|
CVE-2012-2067
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293144
|
- |
|
ckeditor
|
fckeditor
ckeditor
|
Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal allows remote authenticate…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2066
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293145
|
- |
|
freso
|
languageicons
|
Cross-site scripting (XSS) vulnerability in the Language Icons module 6.x-2.x before 6.x-2.1 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with administer languages permissi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2065
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293146
|
- |
|
mark_theunissen
|
views_lang_switch
|
Cross-site scripting (XSS) vulnerability in theme/views_lang_switch.theme.inc in the Views Language Switcher module before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2064
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293147
|
- |
|
brian_altenhofel
|
slidebox
|
The Slidebox module before 7.x-1.4 for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2063
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293148
|
- |
|
buddypress
|
buddypress
|
SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_wid…
|
CWE-89
SQL Injection
|
CVE-2012-2109
|
2024-11-21 10:38 |
2012-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293149
|
- |
|
emc
|
networker
|
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specif…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-2288
|
2024-11-21 10:38 |
2012-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293150
|
- |
|
yaniv_aran-shamir
|
gigya
|
Cross-site scripting (XSS) vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2117
|
2024-11-21 10:38 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
