Drupal Amadou third party theme version 6.x suffers from a cross site scripting vulnerability.
1bdcad999e5c211784a48b9d6895e9c9The Drupal ShareThis module version 7.x suffers from cross site scripting and cross site request forgery vulnerabilities.
d7596bbec9dd1ad9034f9a506415ffbeThe Drupal Contact Save module version 6.x suffers from a cross site scripting vulnerability.
c19644fad57ebb9838d317e0976ee7d3The Drupal Ubercart Views module version 6.x suffers from an access bypass vulnerability.
678aa5d5048edf0d6e94afb41bc4b8ebThe Drupal Bundle Copy module version 6.x suffers from an arbitrary code execution vulnerability.
12c58335650e83ea14a51eddd49bb986The Drupal Share Buttons module version 6.x suffers from a cross site scripting vulnerability.
032660693866687649d89e2edd6ea1b3The Drupal Contact Forms module version 6.x suffers from a cross site scripting vulnerability.
b0dd11cb6a3bc7b2bc21bf5629086245The Drupal MultiBlock module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
53b80c09bedbdc4dddf3e3b5e202e21dDrupal FCKEditor/CKEditor module remote PHP code execution exploit.
9d9241613b87c0bc1d7c9664845a5980The Drupal Wishlist module versions 6.x and 7.x suffer from cross site request forgery and cross site scripting vulnerabilities.
2f7bfab3027c5885c74b9f6cc3244dbaThe Fancy Slide module in Drupal 6.x suffers from a cross site scripting vulnerability.
f17087299d6a4d64251cc777c01d5055CKEditor and FCKeditor modules in Drupal versions 6.x and 7.x suffer from PHP code execution, cross site request forgery, and cross site scripting vulnerabilities.
1c0fe95581fe894d03255a349fa668bfThe Language Icons module in Drupal versions 6.x and 7.x suffers from a cross site scripting vulnerability.
f41273c8f9f01d9c73868ad6dcc2b819The Views Language Switcher in Drupal version 7.x suffers from a cross site scripting vulnerability.
ed47eb57fcc4ecab967ad190ed9df9a5The Drupal Slidebox module version 7.x suffers from an access bypass vulnerability.
07f45805d636e668edea93ed22eea79bVarious Drupal modules such as Content Lock, Ubercart Bulk Stock Updater, Ubercart Payflow Link, ticketyboo News Ticker, Admin tools, and Redirecting click bouncer suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
10da15283fa34560f4470aea6bb0b7eaThe Search module in Drupal version 7.x suffers from a path disclosure vulnerability.
389d4081c60e6d96f1d85cfe0b9a035eThe Drupal Webform module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
05e8c1a05eeb06923b80db8d1cc4893aThe Drupal Note Recommendation module version 6.x suffers from a cross site scripting vulnerability.
a9777d1706f439b66e3a447aea8c8762The Read More Link module version 6.x in Drupal allows you to move the "Read more" link from the node's links area to the end of the teaser text. A user could inject java script into pages affecting other site users. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access administration pages."
011285bd6f4cb935c0d37eae71940072The Drupal block class module allows users to add classes to any block through the block's configuration interface The class names in a block were not properly filtered. Someone with the ability to modify or create blocks could inject java script that would be rendered when viewing the block. Blockclass versions prior to 7.x-1.0 are affected.
92bb61df738055b8e89c3a2cee251eeaUC PayDutchGroup / WeDeal payment integrates the PayDutchGroup / WeDeal payment gateway with Ubercart. The module exposes account credentials for the store's PayDutchGroup account under certain circumstances allowing a malicious user to login to the PayDutchGroup site as the store owner and manage the store owner's account. The vulnerability is mitigated by an attacker needing to gain an account with the ability to checkout of the store. Multisite Search allows you to index and search content from all sites in a Multisite configuration. The module doesn't sufficiently escape user input when constructing queries. The vulnerability is mitigated by the fact that in order to execute arbitrary sql injection malicious users must have the ability to administer multisite search.
f4ba0336fff0cf8347f4d9492ceebf9dThe Drupal Data module 6.x-1.x versions prior to 6.x-1.0 suffer from a cross site scripting vulnerability.
571b60cce70fceb377c51462788e551cDrupal CMS version 7.12 suffers from multiple cross site request forgery vulnerabilities.
624cc16af3f882c63334256d25a4f257Taxonomy Views Integrator version 6.x suffers from a cross site scripting vulnerability.
41488e22f5ceb3621f0b84f808cd550cHierarchical Select version 6.x suffers from a cross site scripting vulnerability.
39f5c665d3dfceac1bfc39cefca49bc3
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed