|
278091
|
- |
|
taxonomy_path_project
|
taxonomy_path
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field fo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3385
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278092
|
- |
|
commerce_balanced_payments_project
|
commerce_balanced_payments
|
Cross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3384
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278093
|
- |
|
insite
|
node_basket
|
Open redirect vulnerability in the Node basket module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2015-3383
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278094
|
- |
|
insite
|
node_basket
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2)…
|
CWE-352
Origin Validation Error
|
CVE-2015-3382
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278095
|
- |
|
insite
|
node_basket
|
Cross-site scripting (XSS) vulnerability in the Node basket module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3381
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278096
|
- |
|
funnymonkey
|
feature_set
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Feature Set module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (…
|
CWE-352
Origin Validation Error
|
CVE-2015-3380
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278097
|
- |
|
views_project
|
views
|
The Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to the default views configurations, which allows remote authenticat…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3379
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278098
|
- |
|
views_project
|
views
|
Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated us…
|
NVD-CWE-Other
|
CVE-2015-3378
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278099
|
- |
|
quizzler_project
|
quizzler
|
Cross-site scripting (XSS) vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3376
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278100
|
- |
|
niif
|
shibboleth_authentication
|
Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of ad…
|
CWE-352
Origin Validation Error
|
CVE-2015-3375
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
