|
273431
|
- |
|
invoice_project
|
invoice
|
Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices" permis…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4381
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273432
|
- |
|
linear_case_project
|
linear_case
|
Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-4380
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273433
|
- |
|
webform_multiple_file_upload_project
|
webform_multiple_file_upload
|
Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentic…
|
CWE-352
Origin Validation Error
|
CVE-2015-4379
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273434
|
- |
|
crumbs_project
|
crumbs
|
Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "Administer Crumbs" permission to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4378
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273435
|
- |
|
petition_project
|
petition
|
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" perm…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4377
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273436
|
- |
|
profile2_privacy_project
|
profile2_privacy
|
Cross-site scripting (XSS) vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4376
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273437
|
- |
|
chaos_tool_suite_project
|
ctools
|
The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access quer…
|
CWE-200
Information Exposure
|
CVE-2015-4375
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273438
|
- |
|
og_tabs_project
|
og_tabs
|
Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2015-4373
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273439
|
- |
|
image_title_project
|
image_title
|
Cross-site scripting (XSS) vulnerability in the Image Title module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4372
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273440
|
- |
|
perfecto_project
|
perfecto
|
Open redirect vulnerability in the Perfecto module before 7.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified …
|
NVD-CWE-Other
|
CVE-2015-4371
|
2024-11-21 11:30 |
2015-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
