|
270881
|
- |
|
path_breadcrumbs_project
|
path_breadcrumbs
|
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.
|
CWE-200
Information Exposure
|
CVE-2015-3391
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270882
|
- |
|
facebook_album_fetcher_project
|
facebook_album_fetcher
|
Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3390
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270883
|
- |
|
public_download_count_project
|
public_download_count
|
Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3389
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270884
|
- |
|
balanced
|
commerce_balanced_payments
|
Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete th…
|
CWE-352
Origin Validation Error
|
CVE-2015-3388
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270885
|
- |
|
taxonomy_tools_project
|
taxonomy_tools
|
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via a (1) node or (2…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3387
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270886
|
- |
|
node_access_product_project
|
node_access_product
|
Cross-site scripting (XSS) vulnerability in the Node Access Product module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3386
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270887
|
- |
|
taxonomy_path_project
|
taxonomy_path
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field fo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3385
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270888
|
- |
|
commerce_balanced_payments_project
|
commerce_balanced_payments
|
Cross-site scripting (XSS) vulnerability in the Bank Account Listing Page in the Commerce Balanced Payments module for Drupal allows remote authenticated users to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3384
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270889
|
- |
|
insite
|
node_basket
|
Open redirect vulnerability in the Node basket module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2015-3383
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270890
|
- |
|
insite
|
node_basket
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2)…
|
CWE-352
Origin Validation Error
|
CVE-2015-3382
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
