CVSS: 6.1EPSS: 0%CPEs: 84EXPL: 1CVE-2012-6645
https://notcve.org/view.php?id=CVE-2012-6645
08 Apr 2014 — Cross-site scripting (XSS) vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via the title of a node, a different vulnerability than CVE-2012-1561. Vulnerabilidad de XSS en la funcionalidad de autocompletar en el módulo Finder 6.x-1.x anterior a 6.x-1.26, 7.x-1.x y 7.x-2.x anterior a 7.x-2.0-alpha8 para Drupal permite a atacantes remotos inyectar sc... • http://drupal.org/node/1432318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 84EXPL: 0CVE-2012-1561
https://notcve.org/view.php?id=CVE-2012-1561
08 Apr 2014 — Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "checkbox and radio button functionalities." Vulnerabilidad de XSS en el módulo Finder 6.x-1.x anterior a 6.x-1.26, 7.x-1.x y 7.x-2.x anterior a 7.x-2.0-alpha8 para Drupal permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especi... • http://drupal.org/node/1432318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 84EXPL: 1CVE-2012-1641
https://notcve.org/view.php?id=CVE-2012-1641
28 Aug 2012 — The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote authenticated users with the administer finder permission to execute arbitrary PHP code via admin/build/finder/import. La función finder_import en el módulo Finder v6.x-1.x anterior a v6.x-1.26, v7.x-1.x, y v7.x-2.x anterior a v7.x-2.0-alpha8 para Drupal permite a usuarios remotos autenticados con permisos de administración del finder ejecutar código PHP arbitrario a t... • http://drupal.org/node/1432318 • CWE-264: Permissions, Privileges, and Access Controls •