Drupal version 6.22 with Hotblocks 6.x suffers from cross site scripting and denial of service vulnerabilities. Proof of concept information included.
17fd7caf06fdac8c5a9e14bc764b6c00c9303d84f1395974dc92767ed9a8a7f2Secunia Security Advisory - A security issue has been reported in the Node Embed module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
24364a9bb73e66ad429093e951a3b551119f281ecd04d59516c7dbbe09c1e2a0Secunia Security Advisory - A vulnerability has been reported in the Authoring HTML module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
863b033bb292c8b75e9390d3b03d498b193964dd8eeeb00e094c9035a3e0e412Secunia Security Advisory - A vulnerability has been reported in the Protest module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
f87890bf9c35f4db7a1a3af1e6c873b9d75f9ce6a27eb4ebc3a832608b73e560Secunia Security Advisory - Two vulnerabilities have been reported in the Maestro module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.
3c66ceef1653299e41ed528dbdc98c5df4d943d98c4e9ee5a7b6f110dc34ddf3Drupal Protest third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
76092a55e6b9d30efe330e8fd8894c43054d3766b55c8460c34c37a3eaed9354Drupal Authoring HTML third party module version 6.x suffers from a cross site scripting vulnerability.
19c6727ac3aa1fc751733d4d10647f65f1979d97c2fcaa6fa2fd0786305fc0f1Drupal Simplenews third party module versions 6.x and 7.x suffer from an information disclosure vulnerability.
c6685213ac066fa6bc378bac975fe3b4f3589d5f1e3d5de4ed106c5fa290eb9aDrupal Maestro third party module version 7.x suffers from cross site request forgery and cross site scripting vulnerabilities.
bea74b2a86b66783035aa9b7818b9d39d67192aad10a1e02f4e54f6e4732270bDrupal Tokenauth third party module version 6.x suffers from an access bypass vulnerability.
7221dc15d9c821c321728ee4f4fa17ddaf19ba6032017b4a8bec982d1568e3f5Drupal Node Embed third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
6571dcae03f74430b92cba3fd36dd0c9b1987cd05595801d3c575a45c620eb9bDrupal Organic Groups third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.
b56a43fd6cb4f6b56f362161245de3105f1a148e93042618473ddbf92210ccccSecunia Security Advisory - Multiple vulnerabilities have been reported in the Mobile Tools module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
285226714bd31810c5d9db306cbcc9fa57403d5912e9f3e6f1356f783b0bd882Secunia Security Advisory - A vulnerability has been reported in the Amadou theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
1a64fc52c5509b115f7a702da66f97ee081c9d090f92af7fc043f84268f6ffa9Secunia Security Advisory - A vulnerability has been reported in the Comment Moderation module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
8615a53f2a2de7cf77277a6779a3226aef27e0515cd62096726ecf5f2cc483cbSecunia Security Advisory - A security issue has been reported in the filedepot module for Drupal, which can be exploited by malicious users to hijack a user's session.
d7121cadfd78c06331627fd5e8ede94f271c6e19cd9cabadfd4236ae6b03dfddDrupal Filedepot third party module version 6.x suffers from an access bypass vulnerability.
458f98b4ad4003bf3aa663adf77ce9a113cc04ada72fbb4d272a2a8121becec3Drupal Counter third party module version 6.x suffers from a remote SQL injection vulnerability.
87c480a1491ea81dba9377c160920492eb2eca928e4903a8de1d14e8a56cd325Drupal Mobile Tools third party module version 6.x suffers from a cross site scripting vulnerability.
29a8a30a54355574dd0be519532088f56b732fbe03e7d368021180b61cbba007Drupal Comment Moderation third party module version 6.x suffers from a cross site request forgery vulnerability.
a93bed327c36c2c72feb9c128ba34d34608d374372b3c7494944ed36b1243bb4Drupal Amadou third party theme version 6.x suffers from a cross site scripting vulnerability.
8084ca37c2ceb14940a10c7c10441c8a7cc2f03c072729984567644bf2a6234eSecunia Security Advisory - A vulnerability has been reported in the BrowserID module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.
52a6b0d6ce080bd2215891424f87d1f6806eb2299465c4998164f804736b5075Secunia Security Advisory - Multiple vulnerabilities have been reported in the Search API module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
44ce1f3c1fe56a9a2c5cbae8339e227a89bd710bc0e79daeb8adf7af74ff21faSecunia Security Advisory - A vulnerability has been reported in the Taxonomy List module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
2079874c6056698377252b7148ee06f0a6017d82424720ae19aaa9f33b1d9876Drupal BrowserID third party module version 7.x suffers from a cross site request forgery vulnerability.
1f65933059e8c83ea70ceb600b4ab636ca18616eaee8a2620457c8ec1a7bfd1dDrupal Taxonomy List third party module version 6.x suffers from a cross site scripting vulnerability.
bfe33b921dcae3093d0daff01c336765b5d083048b293808b041c20d777a501f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed