what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Drupal Secure Login 7.x Open Redirect
Posted Jul 25, 2012
Authored by Albert Martin | Site drupal.org

Drupal Secure Login third party module version 7.x suffers from an open redirect vulnerability.

tags | advisory
MD5 | 49248432de43eea9933802a3d9ee33d3

Related Files

Drupal ShareThis 7.x Cross Site Scripting / Cross Site Request Forgery
Posted Mar 29, 2012
Authored by Travis Tomka | Site drupal.org

The Drupal ShareThis module version 7.x suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, xss, csrf
MD5 | d7596bbec9dd1ad9034f9a506415ffbe
Drupal Contact Save 6.x Cross Site Scripting
Posted Mar 29, 2012
Authored by Stella Power | Site drupal.org

The Drupal Contact Save module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | c19644fad57ebb9838d317e0976ee7d3
Drupal Ubercart Views 6.x Access Bypass
Posted Mar 29, 2012
Authored by Derek Wright | Site drupal.org

The Drupal Ubercart Views module version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 678aa5d5048edf0d6e94afb41bc4b8eb
Drupal Bundle Copy 7.x Cross Site Scripting
Posted Mar 29, 2012
Authored by David Rothstein | Site drupal.org

The Drupal Bundle Copy module version 6.x suffers from an arbitrary code execution vulnerability.

tags | advisory, arbitrary, code execution
MD5 | 12c58335650e83ea14a51eddd49bb986
Drupal Share Buttons 6.x Cross Site Scripting
Posted Mar 29, 2012
Authored by Kyle Small | Site drupal.org

The Drupal Share Buttons module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 032660693866687649d89e2edd6ea1b3
Drupal Contact Forms 6.x Cross Site Scripting
Posted Mar 29, 2012
Authored by Ivo Van Geertruyen | Site drupal.org

The Drupal Contact Forms module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | b0dd11cb6a3bc7b2bc21bf5629086245
Drupal MultiBlock 6.x / 7.x Cross Site Scripting
Posted Mar 29, 2012
Authored by Justin C. Klein Keane | Site drupal.org

The Drupal MultiBlock module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 53b80c09bedbdc4dddf3e3b5e202e21d
Drupal FCKEditor/CKEditor PHP Execution
Posted Mar 24, 2012
Authored by Patroscan

Drupal FCKEditor/CKEditor module remote PHP code execution exploit.

tags | exploit, remote, php, code execution
MD5 | 9d9241613b87c0bc1d7c9664845a5980
Drupal Wishlist Module 6.x / 7.x XSS / CSRF
Posted Mar 22, 2012
Authored by Justin C. Klein Keane | Site drupal.org

The Drupal Wishlist module versions 6.x and 7.x suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
MD5 | 2f7bfab3027c5885c74b9f6cc3244dba
Drupal Fancy Slide Cross Site Scripting
Posted Mar 15, 2012
Authored by Justin C. Klein Keane | Site drupal.org

The Fancy Slide module in Drupal 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | f17087299d6a4d64251cc777c01d5055
Drupal CKEditor / FCKeditor XSS / XSRF / Code Execution
Posted Mar 15, 2012
Authored by Heine Deelstra | Site drupal.org

CKEditor and FCKeditor modules in Drupal versions 6.x and 7.x suffer from PHP code execution, cross site request forgery, and cross site scripting vulnerabilities.

tags | advisory, php, vulnerability, code execution, xss, csrf
MD5 | 1c0fe95581fe894d03255a349fa668bf
Drupal Language Icons Cross Site Scripting
Posted Mar 15, 2012
Authored by Frederik S. Olesen, Jose Reyero | Site drupal.org

The Language Icons module in Drupal versions 6.x and 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | f41273c8f9f01d9c73868ad6dcc2b819
Drupal 7.x Views Language Switcher Cross Site Scripting
Posted Mar 15, 2012
Authored by Chris Ruppel | Site drupal.org

The Views Language Switcher in Drupal version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | ed47eb57fcc4ecab967ad190ed9df9a5
Drupal Slidebox 7.x Access Bypass
Posted Mar 14, 2012
Authored by Joshua Brauer | Site drupal.org

The Drupal Slidebox module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 07f45805d636e668edea93ed22eea79b
Drupal Modules Cross Site Scripting / Cross Site Request Forgery
Posted Mar 14, 2012
Site drupal.org

Various Drupal modules such as Content Lock, Ubercart Bulk Stock Updater, Ubercart Payflow Link, ticketyboo News Ticker, Admin tools, and Redirecting click bouncer suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection, csrf
MD5 | 10da15283fa34560f4470aea6bb0b7ea
Drupal 7.x Search Module Path Disclosure
Posted Mar 14, 2012
Authored by Ursu Mihail

The Search module in Drupal version 7.x suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 389d4081c60e6d96f1d85cfe0b9a035e
Drupal Webform 6.x / 7.x Cross Site Scripting
Posted Mar 8, 2012
Authored by Kyle Small | Site drupal.org

The Drupal Webform module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 05e8c1a05eeb06923b80db8d1cc4893a
Drupal Node Recommendation 6.x Cross Site Scripting
Posted Mar 8, 2012
Authored by Dylan Tack | Site drupal.org

The Drupal Note Recommendation module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | a9777d1706f439b66e3a447aea8c8762
Drupal Read More Link 6.x Cross Site Scripting
Posted Mar 8, 2012
Authored by Kyle Small | Site drupal.org

The Read More Link module version 6.x in Drupal allows you to move the "Read more" link from the node's links area to the end of the teaser text. A user could inject java script into pages affecting other site users. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access administration pages."

tags | advisory, java
MD5 | 011285bd6f4cb935c0d37eae71940072
Drupal Block Class 7.x Cross Site Scripting
Posted Mar 7, 2012
Authored by Katherine Senzee | Site drupal.org

The Drupal block class module allows users to add classes to any block through the block's configuration interface The class names in a block were not properly filtered. Someone with the ability to modify or create blocks could inject java script that would be rendered when viewing the block. Blockclass versions prior to 7.x-1.0 are affected.

tags | advisory, java
MD5 | 92bb61df738055b8e89c3a2cee251eea
Drupal UC PayDutchGroup / WeDeal Payment / Multisite Search Disclosure
Posted Mar 7, 2012
Authored by Justin C. Klein Keane, Rolf Meijer | Site drupal.org

UC PayDutchGroup / WeDeal payment integrates the PayDutchGroup / WeDeal payment gateway with Ubercart. The module exposes account credentials for the store's PayDutchGroup account under certain circumstances allowing a malicious user to login to the PayDutchGroup site as the store owner and manage the store owner's account. The vulnerability is mitigated by an attacker needing to gain an account with the ability to checkout of the store. Multisite Search allows you to index and search content from all sites in a Multisite configuration. The module doesn't sufficiently escape user input when constructing queries. The vulnerability is mitigated by the fact that in order to execute arbitrary sql injection malicious users must have the ability to administer multisite search.

tags | advisory, arbitrary, sql injection
MD5 | f4ba0336fff0cf8347f4d9492ceebf9d
Drupal Data 6.x-1.x Cross Site Scripting
Posted Mar 7, 2012
Authored by Justin C. Klein Keane | Site drupal.org

The Drupal Data module 6.x-1.x versions prior to 6.x-1.0 suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 571b60cce70fceb377c51462788e551c
Drupal CMS 7.12 Cross Site Request Forgery
Posted Mar 2, 2012
Authored by Ivano Binetti

Drupal CMS version 7.12 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 624cc16af3f882c63334256d25a4f257
Taxonomy Views Integrator 6.x Cross Site Scripting
Posted Mar 1, 2012
Authored by Dmitry Trt | Site drupal.org

Taxonomy Views Integrator version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 41488e22f5ceb3621f0b84f808cd550c
Hierarchical Select 6.x Cross Site Scripting
Posted Mar 1, 2012
Authored by Sam Oldak, Wim Leers | Site drupal.org

Hierarchical Select version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 39f5c665d3dfceac1bfc39cefca49bc3
Page 1 of 4
Back1234Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close