|
296531
|
- |
|
steindom
|
contact_save
|
Cross-site scripting (XSS) vulnerability in the Contact Save module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the access site-wide contact form permission to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2075
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296532
|
- |
|
ubercart_views_project
|
uc_views
|
Unspecified vulnerability in certain default views in the Ubercart Views module 6.x before 6.x-3.2 for Drupal allows remote attackers to obtain sensitive information via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-2074
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296533
|
- |
|
kristof_de_jaeger
|
bundle_copy
|
The Bundle copy module 7.x-1.x before 7.x-1.1 for Drupal does not check for the "use PHP for settings" permission while importing settings, which allows remote authenticated users with certain permis…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2073
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296534
|
- |
|
patrick_przybilla
|
addtoany
|
Cross-site scripting (XSS) vulnerability in the Share Buttons (AddToAny) module 6.x-3.x before 6.x-3.4 for Drupal allows remote authenticated users with the administer addtoany permission to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2072
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296535
|
- |
|
geoff_davies
|
contact_forms
|
Cross-site scripting (XSS) vulnerability in the Contact Forms module 6.x-1.x before 6.x-1.13 for Drupal when the core contact form is enabled, allows remote authenticated users with the administer si…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2071
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296536
|
- |
|
andrew_levine
|
multiblock
|
Cross-site scripting (XSS) vulnerability in the MultiBlock module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer blocks permission …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2070
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296537
|
- |
|
emil_stjerneman
|
linkit
|
The Linkit module 7.x-2.x before 7.x-2.3 for Drupal, when using an entity access module, does not check permissions when searching for entities, which allows remote attackers to obtain sensitive info…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2304
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296538
|
- |
|
ubercart
|
ubercart
|
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product cl…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2300
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296539
|
- |
|
ubercart
|
ubercart
|
The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive informat…
|
CWE-255
Credentials Management
|
CVE-2012-2299
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296540
|
- |
|
drupal
nancy_wichmann
|
realname
|
Multiple cross-site scripting (XSS) vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) "…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2298
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
