|
290641
|
- |
|
carlos_carvalhar
|
time_spent
|
SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-5550
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290642
|
- |
|
carlos_carvalhar
|
time_spent
|
Cross-site request forgery (CSRF) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-5549
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290643
|
- |
|
carlos_carvalhar
|
time_spent
|
Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5548
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290644
|
- |
|
thomas_seidl
|
search_api
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for request…
|
CWE-352
Origin Validation Error
|
CVE-2012-5547
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290645
|
- |
|
rob_loach
|
sharethis
|
Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the "administer sharethis" permission to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5545
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290646
|
- |
|
thinkshout
|
mandrill
|
The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to obtain password reset links by reading the logs in the Mandrill dashboard.
|
CWE-200
Information Exposure
|
CVE-2012-5544
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290647
|
- |
|
feeds_project
|
feeds
|
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5543
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290648
|
- |
|
pedro_cambra
|
commerce_extra_panes
|
Cross-site request forgery (CSRF) vulnerability in the Commerce Extra Panes module 7.x-1.x before 7.x-1.1 in Drupal allows remote attackers to hijack the authentication of administrators for requests…
|
CWE-352
Origin Validation Error
|
CVE-2012-5542
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290649
|
- |
|
twitter_pull_project
|
twitter_pull
|
Cross-site scripting (XSS) vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5541
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290650
|
- |
|
tekritisoftware
|
hostip
|
Multiple cross-site scripting (XSS) vulnerabilities in the Hostip module 6.x-2.x before 6.x-2.2 and 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers with control of hostip.info to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5540
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
