Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 0.75%
- Veröffentlicht 21.06.2010 19:30:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allows remote attackers to read controlled nodes.
- EPSS 0.68%
- Veröffentlicht 21.06.2010 19:30:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, which allows remote attackers to discover titles and ...
3.5
CVE-2008-6972
- EPSS 0.16%
- Veröffentlicht 13.08.2009 16:30:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x through 5.x-1.8 allow remote authenticated users with "administer content" permissions to inject arbitrary web script or HTML via the (1) "field label," ...
1