Drupal security advisory DRUPAL-SA-2006-008: Bart Jansens reported that it is possible for a malicious user to insert and execute XSS into free tagging terms, due to lack of validation on output of the page title. The fix wraps the display of terms in check_plain().
b0584638f5b9adbb1149a2a0377ce9f140df6fe298f84e5f8c229862801bc629Drupal Site Documentation version 6.x suffers from an information disclosure vulnerability.
4deadfa9ab12cae4f4a040ed36b5884ad4ff166adbf02566eb2e9c63746223a7Drupal Ubercart module versions 6.x and 7.x suffers from code execution and cross site scripting vulnerabilities.
8ad5e51b2e8211b46a86fd0884c4432816a13267ddf774999bf5b42ae172622aDrupal RealName module version 6.x suffers from a cross site scripting vulnerability.
ac32848d9a2bea11a8b9268c408786c21c6630e8ea7f32e8da717fb8ab2000c7Drupal Creative Commons module version 6.x suffers from a cross site scripting vulnerability.
cd7543b39866fa90a05ae4e94480fc308d2a02154efdb0ede21f8750010f1192Drupal Gigya - Social Optimization module version 6.x suffers from a cross site scripting vulnerability.
5a648a49dcc4b4ce0da4b05ec58974c85fa9e0ade6360de5d89dc1e0ef413307Drupal Commerce Reorder module version 7.x suffers from a cross site request forgery vulnerability.
e864c23fc70ff39f1ecdb1cc5443132330a3c198903dbbc639d16efcfe4c0520The Drupal Autosave module versions 6.x and 7.x suffer from a cross site request forgery vulnerability.
a5010955517768867cfa38f156ec8127f1676c81935ed688afd452e6df38d04eThe Drupal Fivestar module version 6.x suffers from an input validation vulnerability that allows a malicious user to improperly modify voting averages.
5e603b28ddbe1a91965a76ce7952b5d0185b5857eec6494e0a37c3d54ff9dd84The Printer, Email and PDF third party module versions 6.x and 7.x for Drupal suffer from a cross site scripting vulnerability.
3a9fa042b84d0b09a2b5f4a2019c52f6bdffe02082a4499e8d6b1b55a1a3f2c0The Janrain Engage third-party Drupal module suffers from a sensitive data protection vulnerability.
63d8dd37d587a6dc848e72c0d6d8d8ebd6bd97cd050663f08f086de0195c168eThis file documents a proof of concept to demonstrate the cross site scripting vulnerability in the Drupal Activity module version 6.x.
21cff53d4151dcb6cd0a86095cfb274645d44512ecad08ffa9a0c5beb8eac1e5The Drupal Fusion module version 6.x suffers from a cross site scripting vulnerability.
8311447d5c5e9a519065e8708e1a06e2ea1f83db30ea859607056582c4f49fb0The Drupal Chaos Tool Suite module version 7.x suffers from a cross site scripting vulnerability.
80d66e0a5170005cb66e1988ba20428a8cdff88a472053008c696562e43d5e13The Drupal Organic Groups module version 6.x suffers from an access bypass vulnerability.
dbb190a4af2ae746e702f203bad02665c8856d9855a61e43a4847ccb615818d9The Drupal Node Limit Number module version 6.x suffers from a cross site request forgery vulnerability.
6805b4ae6f65fa98f5f3777e6d21416e40462b6e4a34e82bda701ca122f54e18The Drupal Activity module version 6.x suffers from cross site request forgery and cross site scripting vulnerabilities.
f1ab2c8be7c64f4cde5f3e2584e0aee9dc6e731a37c01a7814e015f86d05663eThe Drupal CDN2 Video version 6.x suffers from cross site request forgery and cross site scripting vulnerabilities.
b14e348d6a46c47dca28df0e56d0c958c435da23181eee43b81ba8f5638a1b53The Drupal ShareThis module version 7.x suffers from cross site scripting and cross site request forgery vulnerabilities.
6f1fc921aa8dbaf987fc49f4d907a7c41b0bea13d50a8253caba9f9ef13db7c8The Drupal Contact Save module version 6.x suffers from a cross site scripting vulnerability.
4f3ea4adabb18907ffc82b631487d5e06d8fd821187f9b3c6847ab996799d1e6The Drupal Ubercart Views module version 6.x suffers from an access bypass vulnerability.
95d851e70092474174c3f74c194eba0d23ffef4f23ad8d778f8b91a297a6a861The Drupal Bundle Copy module version 6.x suffers from an arbitrary code execution vulnerability.
c91035ffcabe2a3b441c6f0e5b74a15d68101edb844b0764bfa9860191cf19cfThe Drupal Share Buttons module version 6.x suffers from a cross site scripting vulnerability.
5929a532a032594c5e8d08c25f27d18537dd86ccf4232cb0eec503cca25d9477The Drupal Contact Forms module version 6.x suffers from a cross site scripting vulnerability.
fca0267cc244bdcfe1162744aabb35fed630fe06c6831938ae2596911c31689cThe Drupal MultiBlock module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
70876e7c8dfc2f422a45f8e33d5d72db26ba4d5e5008daa1b372d2d3d3154b0cThe Drupal Wishlist module versions 6.x and 7.x suffer from cross site request forgery and cross site scripting vulnerabilities.
5e55d2cdca26c33d5bf366c7dedf2d20279db2966b24d218bdf2eb529f0dc53e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed