|
273911
|
- |
|
canonical
debian
point-to-point_protocol_project
|
ubuntu_linux
debian_linux
point-to-point_protocol
|
Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3310
|
2024-11-21 11:29 |
2015-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273912
|
- |
|
certify_project
|
certify
|
The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF cert…
|
CWE-200
Information Exposure
|
CVE-2015-3404
|
2024-11-21 11:29 |
2015-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273913
|
- |
|
fibonacciorange
|
wedeal
|
Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified pa…
|
NVD-CWE-Other
|
CVE-2015-3393
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273914
|
- |
|
ajax_timeline_project
|
ajax_timeline
|
Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3392
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273915
|
- |
|
path_breadcrumbs_project
|
path_breadcrumbs
|
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.
|
CWE-200
Information Exposure
|
CVE-2015-3391
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273916
|
- |
|
facebook_album_fetcher_project
|
facebook_album_fetcher
|
Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3390
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273917
|
- |
|
public_download_count_project
|
public_download_count
|
Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3389
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273918
|
- |
|
balanced
|
commerce_balanced_payments
|
Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete th…
|
CWE-352
Origin Validation Error
|
CVE-2015-3388
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273919
|
- |
|
taxonomy_tools_project
|
taxonomy_tools
|
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via a (1) node or (2…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3387
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273920
|
- |
|
node_access_product_project
|
node_access_product
|
Cross-site scripting (XSS) vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3386
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
