|
272191
|
- |
|
quizzler_project
|
quizzler
|
Cross-site scripting (XSS) vulnerability in the Quizzler module before 7-x.1.16 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3376
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272192
|
- |
|
niif
|
shibboleth_authentication
|
Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of ad…
|
CWE-352
Origin Validation Error
|
CVE-2015-3375
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272193
|
- |
|
corner_project
|
corner
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Corner module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) di…
|
CWE-352
Origin Validation Error
|
CVE-2015-3374
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272194
|
- |
|
amazon_aws_project
|
amazon_aws
|
The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote attackers to guess the token value and create backu…
|
CWE-200
Information Exposure
|
CVE-2015-3373
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272195
|
- |
|
node_invite_project
|
node_invite
|
Cross-site scripting (XSS) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3372
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272196
|
- |
|
node_invite_project
|
node_invite
|
Open redirect vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination param…
|
NVD-CWE-Other
|
CVE-2015-3371
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272197
|
- |
|
node_invite_project
|
node_invite
|
Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invi…
|
CWE-352
Origin Validation Error
|
CVE-2015-3370
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272198
|
- |
|
taxonews_project
|
taxonews
|
Cross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3369
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272199
|
- |
|
osinet
|
classified_ads
|
Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3368
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272200
|
- |
|
patterns
|
patterns
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1)…
|
CWE-352
Origin Validation Error
|
CVE-2015-3367
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
