|
272021
|
- |
|
trick_question_project
|
trick_question
|
Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4369
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272022
|
- |
|
commerce_ogone_project
|
commerce_ogone
|
The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-4368
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272023
|
- |
|
simple_subscription_project
|
simple_subscription
|
Cross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permissi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4367
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272024
|
- |
|
mover_project
|
mover
|
Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4366
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272025
|
- |
|
taxonomy_accordion_project
|
taxonomy_accordion
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors rela…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4365
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272026
|
- |
|
finder_project
|
finder
|
Open redirect vulnerability in the finder_form_goto function in the Finder module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecif…
|
NVD-CWE-Other
|
CVE-2015-4363
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272027
|
- |
|
tracking_code_project
|
tracking_code
|
Cross-site request forgery (CSRF) vulnerability in tracking_code.admin.inc in the Tracking Code module 7.x-1.x before 7.x-1.6 for Drupal allows remote attackers to hijack the authentication of admini…
|
CWE-352
Origin Validation Error
|
CVE-2015-4362
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272028
|
- |
|
registration_codes_project
|
registration_codes
|
Cross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6 for Drupal allows remote attackers to hijack the authentication of administrators for requests that del…
|
CWE-352
Origin Validation Error
|
CVE-2015-4361
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272029
|
- |
|
registration_codes_project
|
registration_codes
|
Cross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6, 6.x-2.x before 6.x-2.8, and 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to hijack the au…
|
CWE-352
Origin Validation Error
|
CVE-2015-4360
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272030
|
- |
|
campaign_monitor_project
|
campaign_monitor
|
Multiple cross-site request forgery (CSRF) vulnerabilities in includes/campaignmonitor_lists.admin.inc in the Campaign Monitor module 7.x-1.0 for Drupal allow remote attackers to hijack the authentic…
|
CWE-352
Origin Validation Error
|
CVE-2015-4364
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
