NotCVE - vendor:"Ckeditor" product:"Ckeditor" version:"7.x-1.1"

3 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2011-4972

https://notcve.org/view.php?id=CVE-2011-4972

13 Nov 2019 — hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. La función hook_file_download en el módulo CKEditor versiones 7.x-1.4 para Drupal, no restringe correctamente el acceso a archivos privados, lo que permite a atacantes remotos leer archivos privados por medio de una petición directa. • http://www.openwall.com/lists/oss-security/2013/06/04/5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 0%CPEs: 56EXPL: 0

CVE-2012-2066

https://notcve.org/view.php?id=CVE-2012-2066

05 Sep 2012 — Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal allows remote authenticated users or remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de código en sitios cruzados (XSS) en el módulo FCKeditor v6.x-2.x anterior a v6.x-2.3 y el módulo CKEditor v6.x-1.x anterior a v6.x-1.9 y v77.x-1.x anterior a v7.x-1.7 para Drupal permite a us... • http://drupal.org/node/1482442 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 1%CPEs: 56EXPL: 0

CVE-2012-2067

https://notcve.org/view.php?id=CVE-2012-2067

05 Sep 2012 — Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote attackers to execute arbitrary PHP code via the text parameter to a text filter. NOTE: some of these details are obtained from third party information. Vulnerabilidad no especificada en el módulo CKEditor v6.x-2.x anterior a v6.x-2.3 y el módulo CKEditor v6.x-1.x anterior ... • http://drupal.org/node/1482442 •