|
296891
|
- |
|
karen_stevenson
|
date
|
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to exec…
|
CWE-89
SQL Injection
|
CVE-2012-1626
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296892
|
- |
|
wizonesolutions
|
fillpdf
|
Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the Fill PDF module 6.x-1.x before 6.x-1.16 and 7.x-1.x before 7.x-1.2 for Drupal allows remote authent…
|
CWE-94
Code Injection
|
CVE-2012-1625
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296893
|
- |
|
erikwebb
|
password_policy
|
Cross-site request forgery (CSRF) vulnerability in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote attackers to hijack the authentication of administrative users …
|
CWE-352
Origin Validation Error
|
CVE-2012-1633
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296894
|
- |
|
erik_webb
|
password_policy
|
Cross-site scripting (XSS) vulnerability in password_policy.admin.inc in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote authenticated users with administer polic…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1632
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296895
|
- |
|
marvil07
|
vote_up_down
|
Cross-site scripting (XSS) vulnerability in vud_term.module in the Vote Up/Down module 6.x-2.x before 6.x-2.8 and 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1627
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296896
|
- |
|
alquimia
|
managesite
|
Multiple cross-site scripting (XSS) vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1640
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296897
|
- |
|
dominique_clause
|
search_autocomplete
|
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL comman…
|
CWE-89
SQL Injection
|
CVE-2012-1638
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296898
|
- |
|
collectivecolors
|
taxonomy_view_integrator_module
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Views Integrator (TVI) module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1653
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296899
|
- |
|
wim_leers
wimleers
|
hierarchical_select
|
Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1652
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296900
|
- |
|
thinkleft
|
submenu_tree
|
Cross-site scripting (XSS) vulnerability in the Submenu Tree module before 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1651
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
