CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2012-6574
https://notcve.org/view.php?id=CVE-2012-6574
Cross-site scripting (XSS) vulnerability in the Fonecta verify module 7.x-1.x before 7.x-1.6 for Drupal allows remote attackers from certain sources to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el módulo Fonecta verify 7.x-1.x anterior a 7.x-1.6 para Drupal, lo que permite a atacantes remotos desde diferentes orígenes inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://www.securityfocus.com/bid/55614 https://drupal.org/node/1778782 https://drupal.org/node/1789258 https://exchange.xforce.ibmcloud.com/vulnerabilities/78699 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2012-6575
https://notcve.org/view.php?id=CVE-2012-6575
Cross-site scripting (XSS) vulnerability in the Exposed Filter Data module 6.x-1.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el módulo Exposed Filter Data 6.x-1.x anterior a 6.x-1.2 para Drupal, lo que permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://osvdb.org/85190 https://drupal.org/node/1774636 https://drupal.org/node/1775582 https://exchange.xforce.ibmcloud.com/vulnerabilities/78316 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6576
https://notcve.org/view.php?id=CVE-2012-6576
Cross-site scripting (XSS) vulnerability in the PRH Search module 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers from certain sources to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el módulo PRH Search 7.x-1.x anterior a 7.x-1.1 para Drupal, lo que permite a atacantes remotos desde diferentes orígenes inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://secunia.com/advisories/50672 https://drupal.org/node/1778778 https://drupal.org/node/1789252 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2012-6573
https://notcve.org/view.php?id=CVE-2012-6573
Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results. Múltiples vulnerabilidades de cross-site scripting (XSS) en el módulo Apache Solr Autocomplete v6.x-1.x antes de v6.x-1.4 y v7.x-1.x antes de v7.x-1.3 para Drupal que permite a atacantes remotos inyectar código arbitrario o HTML a través de vectores de autocompletado. • http://osvdb.org/85062 http://seclists.org/fulldisclosure/2013/Jun/212 http://secunia.com/advisories/50443 http://www.securityfocus.com/bid/55290 https://drupal.org/node/1762684 https://drupal.org/node/1762686 https://drupal.org/node/1762734 https://exchange.xforce.ibmcloud.com/vulnerabilities/78153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 0CVE-2013-2177
https://notcve.org/view.php?id=CVE-2013-2177
Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label. Vulnerabilidad Cross-site scripting (XSS) en el modulo Display Suite v7.x-1.x anterior a v7.x-1.7 y v7.x-2.x anterior a v7.x-2.3 para Drupal permite a usuarios remotos autenticados con cierta permisos para inyectar secuencias de comandos web o HTML a través de una etiqueta del paquete entidad. • http://osvdb.org/94234 http://seclists.org/fulldisclosure/2013/Jun/94 https://drupal.org/node/2017639 https://drupal.org/node/2017641 https://drupal.org/node/2017933 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •