261041
|
- |
|
ubercart_views_project
|
uc_views
|
Cross-site scripting (XSS) vulnerability in Views in the Ubercart Views (uc_views) module 6.x before 6.x-3.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full nam…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0321
|
2013-03-29 00:28 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261042
|
- |
|
pm9
|
flickwnn
|
The FlickWnn (aka OpenWnn/Flick support) application 2.02 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an applicatio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2300
|
2013-03-28 22:50 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261043
|
- |
|
bart_feenstra
|
payment
|
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0182
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261044
|
- |
|
david_alkire
|
email2image
|
The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, which allows remote attackers to read images of user email addresses and email fields.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0257
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261045
|
- |
|
elliot_pahl
|
drush_debian_packaging
|
Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obtain database credentials via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0260
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261046
|
- |
|
drupal
|
drupal
|
The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests.
|
CWE-399
Resource Management Errors
|
CVE-2013-0316
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261047
|
- |
|
banckle_chat_project
|
banckle_chat
|
The admin page in the Banckle Chat module for Drupal does not properly restrict access, which allows remote attackers to bypass intended restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0318
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261048
|
- |
|
mattias_hutterer
|
taxonomy_manager
|
Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manager (taxonomy_manager) module 6.x-2.x before 6.x-2.2 and 7.x-1.x before 7.x-1.0-rc1 for Drupal allows remote attackers to hijack th…
|
CWE-352
Origin Validation Error
|
CVE-2013-0320
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261049
|
- |
|
varnish_http_accelerator_integration_project
|
varnish
|
Multiple cross-site scripting (XSS) vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2 for Drupal allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0325
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261050
|
- |
|
codedesign
|
artime_japanese_input
|
The ArtIME Japanese Input application 1.1.2 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesse…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0719
|
2013-03-28 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|