Max CVSS | 6.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-5651 | 5.0 |
Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.
|
29-08-2017 - 01:32 | 03-01-2013 - 01:55 | |
CVE-2012-5652 | 5.0 |
Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.
|
29-08-2017 - 01:32 | 03-01-2013 - 01:55 | |
CVE-2012-5653 | 6.0 |
The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file name.
|
29-08-2017 - 01:32 | 03-01-2013 - 01:55 |