|
270901
|
- |
|
node_invite_project
|
node_invite
|
Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invi…
|
CWE-352
Origin Validation Error
|
CVE-2015-3370
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270902
|
- |
|
taxonews_project
|
taxonews
|
Cross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3369
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270903
|
- |
|
osinet
|
classified_ads
|
Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3368
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270904
|
- |
|
patterns
|
patterns
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1)…
|
CWE-352
Origin Validation Error
|
CVE-2015-3367
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270905
|
- |
|
alfresco
|
alfresco
|
Cross-site request forgery (CSRF) vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an al…
|
CWE-352
Origin Validation Error
|
CVE-2015-3366
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270906
|
- |
|
nodeauthor_project
|
nodeauthor
|
Cross-site scripting (XSS) vulnerability in the nodeauthor module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a Profile2 field in a provided block.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3365
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270907
|
- |
|
levelteninteractive
|
content_analysis
|
Cross-site scripting (XSS) vulnerability in the Content Analysis module before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3364
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270908
|
- |
|
joshics
|
contact_form_fields
|
Cross-site request forgery (CSRF) vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that de…
|
CWE-352
Origin Validation Error
|
CVE-2015-3363
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270909
|
- |
|
video_project
|
video
|
Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3362
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270910
|
- |
|
linkit_project
|
linkit
|
Cross-site scripting (XSS) vulnerability in the Linkit module before 7.x-2.7 and 7.x-3.x before 7.x-3.3 for Drupal, when the node search plugin is enabled, allows remote authenticated users to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3361
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
