|
261661
|
- |
|
drupal
|
aggregation_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2998
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261662
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2998
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261663
|
- |
|
drupal
|
aggregation_module
drupal
|
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-2999
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261664
|
- |
|
drupal
|
aggregation_module
drupal
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-89
SQL Injection
|
CVE-2008-2999
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261665
|
- |
|
drupal
|
aggregation_module
|
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3000
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261666
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3000
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261667
|
- |
|
drupal
|
aggregation_module
|
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of f…
|
CWE-94
Code Injection
|
CVE-2008-3001
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261668
|
- |
|
drupal
|
aggregation_module
|
Per Hyperlink Record 1026625, Drupal core is not affected. If you do not use the contributed Aggregation module, there is nothing you need to do.
|
CWE-94
Code Injection
|
CVE-2008-3001
|
2017-08-8 10:31 |
2008-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261669
|
- |
|
typo3
|
send_a_card
|
Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3028
|
2017-08-8 10:31 |
2008-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261670
|
- |
|
typo3
|
wec_discussion_forum
|
Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecif…
|
CWE-79
Cross-site Scripting
|
CVE-2008-3029
|
2017-08-8 10:31 |
2008-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
