|
270401
|
- |
|
petition_project
|
petition
|
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" perm…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4377
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270402
|
- |
|
profile2_privacy_project
|
profile2_privacy
|
Cross-site scripting (XSS) vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4376
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270403
|
- |
|
chaos_tool_suite_project
|
ctools
|
The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access quer…
|
CWE-200
Information Exposure
|
CVE-2015-4375
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270404
|
- |
|
og_tabs_project
|
og_tabs
|
Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2015-4373
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270405
|
- |
|
image_title_project
|
image_title
|
Cross-site scripting (XSS) vulnerability in the Image Title module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4372
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270406
|
- |
|
perfecto_project
|
perfecto
|
Open redirect vulnerability in the Perfecto module before 7.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified …
|
NVD-CWE-Other
|
CVE-2015-4371
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270407
|
- |
|
site_documentation_project
|
site_documentation
|
Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4370
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270408
|
- |
|
trick_question_project
|
trick_question
|
Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4369
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270409
|
- |
|
commerce_ogone_project
|
commerce_ogone
|
The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-4368
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270410
|
- |
|
simple_subscription_project
|
simple_subscription
|
Cross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permissi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4367
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
