|
300051
|
- |
|
restful_web_services_project
|
restful_web_services
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hi…
|
CWE-352
Origin Validation Error
|
CVE-2012-5556
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300052
|
- |
|
coleman_watts
|
webform_civicrm
|
The default configuration for the Webform CiviCRM Integration module 7.x-3.x before 7.x-3.2 has "Enforce Permissions" disabled, which allows remote attackers to obtain contact information by reading …
|
CWE-200
Information Exposure
|
CVE-2012-5554
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300053
|
- |
|
daniel_honrade
|
om_maximenu
|
Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM M…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5553
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300054
|
- |
|
erikwebb
|
password_policy
|
The Password policy module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to obtain password hashes by sniffing the network, related to "client-side password his…
|
CWE-200
Information Exposure
|
CVE-2012-5552
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300055
|
- |
|
thinkshout
|
mailchimp
|
Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5551
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300056
|
- |
|
carlos_carvalhar
|
time_spent
|
SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-5550
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300057
|
- |
|
carlos_carvalhar
|
time_spent
|
Cross-site request forgery (CSRF) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-5549
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300058
|
- |
|
carlos_carvalhar
|
time_spent
|
Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5548
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300059
|
- |
|
thomas_seidl
|
search_api
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for request…
|
CWE-352
Origin Validation Error
|
CVE-2012-5547
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300060
|
- |
|
rob_loach
|
sharethis
|
Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the "administer sharethis" permission to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5545
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
