厂商或团体 drupal 的搜索结果 (313)

CVE-2015-7943(发布:2017-10-18 14:29:00)NMS
CVSS5.8

[原文]Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.

CVE-2015-2749(发布:2017-09-13 12:29:00)NMP
CVSS5.8

[原文]Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.

CVE-2015-2750(发布:2017-09-13 12:29:00)NMP
CVSS5.8

[原文]Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.

CVE-2015-7880(发布:2017-09-13 12:29:00)NMS
CVSS4.0

[原文]The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to obtain sensitive event registration information by leveraging the "Register other accounts" permission and knowledge of usernames.

CVE-2016-9452(发布:2016-11-25 13:59:04)NM
CVSS4.3

[原文]The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of service via a crafted URL.

CVE-2016-9451(发布:2016-11-25 13:59:03)NM
CVSS4.9

[原文]Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors.

12345678下一页尾页 第1页 / 共53页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站