|
271691
|
- |
|
decisions_project
|
decisions
|
Cross-site request forgery (CSRF) vulnerability in the Decisions module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that remove individual voters v…
|
CWE-352
Origin Validation Error
|
CVE-2015-4383
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271692
|
- |
|
invoice_project
|
invoice
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of ar…
|
CWE-352
Origin Validation Error
|
CVE-2015-4382
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271693
|
- |
|
invoice_project
|
invoice
|
Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices" permis…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4381
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271694
|
- |
|
linear_case_project
|
linear_case
|
Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-4380
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271695
|
- |
|
webform_multiple_file_upload_project
|
webform_multiple_file_upload
|
Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentic…
|
CWE-352
Origin Validation Error
|
CVE-2015-4379
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271696
|
- |
|
crumbs_project
|
crumbs
|
Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "Administer Crumbs" permission to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4378
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271697
|
- |
|
petition_project
|
petition
|
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" perm…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4377
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271698
|
- |
|
profile2_privacy_project
|
profile2_privacy
|
Cross-site scripting (XSS) vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4376
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271699
|
- |
|
chaos_tool_suite_project
|
ctools
|
The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access quer…
|
CWE-200
Information Exposure
|
CVE-2015-4375
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271700
|
- |
|
og_tabs_project
|
og_tabs
|
Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2015-4373
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
