Page 67 of 723 results (0.007 seconds)

CVSS: 3.5EPSS: 0%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in the Taxonomy Views Integrator (TVI) module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to "views pages." Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el módulo Taxonomy Views Integrator (TVI) v6.x-1.x antes de v6.x-1.3 para Drupal permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados. Se trata de un problema relacionado con las "páginas vistas". • http://drupal.org/node/1306946 http://drupal.org/node/1461892 http://osvdb.org/79682 http://secunia.com/advisories/48163 http://www.openwall.com/lists/oss-security/2012/04/07/1 http://www.securityfocus.com/bid/52227 https://exchange.xforce.ibmcloud.com/vulnerabilities/73612 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 12EXPL: 0

Cross-site scripting (XSS) vulnerability in the Submenu Tree module before 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el módulo Submenu Tree antes de v6.x-1.5 para Drupal permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://drupal.org/node/1132838 http://drupal.org/node/1461470 http://secunia.com/advisories/48202 http://www.openwall.com/lists/oss-security/2012/04/07/1 http://www.osvdb.org/79696 http://www.securityfocus.com/bid/52226 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0

Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to "the vocabulary's help text." Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el módulo Hierarchical Select v6.x-3.x anterior a v6.x-3.8 para Drupal, permite a usuarios autenticados remotamente con permisos de administración sobre la taxonomía, inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados relativos al "the vocabulary's help text". • http://drupal.org/node/1461318 http://drupal.org/node/1461724 http://drupalcode.org/project/hierarchical_select.git/commit/be32dceb17d25553e474c295a8c3db69eab95cee http://osvdb.org/79683 http://secunia.com/advisories/48235 http://www.openwall.com/lists/oss-security/2012/04/07/1 http://www.securityfocus.com/bid/52228 https://exchange.xforce.ibmcloud.com/vulnerabilities/73611 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

SQL injection vulnerability in the Multisite Search module 6.x-2.2 for Drupal allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the Site table prefix field. Vulnerabilidad de inyección de comandos SQL en el módulo Multisite Search v6.x-2.2 para Drupal, permite a usuarios autenticados remotaente con algunos permisos, ejecutar comandos SQL a través del prefijo de campo de la tabla Site. • http://drupal.org/node/1471800 http://www.madirish.net/content/drupal-multisite-search-module-sql-injection-vulnerability http://www.openwall.com/lists/oss-security/2012/04/07/1 http://www.osvdb.org/79857 http://www.securityfocus.com/bid/52342 https://exchange.xforce.ibmcloud.com/vulnerabilities/73898 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in the Node Recommendation module 6.x-1.x before 6.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el módulo Node Recommendation v6.x-1.x antes de v6.x-1.1 para Drupal, permite a usuarios autenticados remotamente, con algunos permisos, inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://drupal.org/node/1471906 http://drupal.org/node/1471940 http://drupalcode.org/project/noderecommendation.git/commit/55567d0 http://secunia.com/advisories/48330 http://www.openwall.com/lists/oss-security/2012/04/07/1 http://www.osvdb.org/79853 http://www.securityfocus.com/bid/52343 https://exchange.xforce.ibmcloud.com/vulnerabilities/73778 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •