| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-0322 | 4.3 |
Cross-site scripting (XSS) vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field.
|
20-07-2013 - 03:35 | 27-03-2013 - 21:55 | |
| CVE-2013-0323 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the author field.
|
04-04-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0319 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Yandex.Metrics module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the Yandex.Metrica service data.
|
04-04-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0324 | 2.1 |
Cross-site scripting (XSS) vulnerability in the Rendered links formatter in the Menu Reference module 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with the "Administer menus and menu items" permission to inject arbitrary web sc
|
04-04-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0317 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Manager Change for Organic Groups (og_manager_change) module 7.x-2.x before 7.x-2.1 for Drupal might allow remote attackers to inject arbitrary web script or HTML via the username in the new manager aut
|
04-04-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0321 | 4.3 |
Cross-site scripting (XSS) vulnerability in Views in the Ubercart Views (uc_views) module 6.x before 6.x-3.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field.
|
28-03-2013 - 15:28 | 27-03-2013 - 21:55 | |
| CVE-2013-0320 | 5.1 |
Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manager (taxonomy_manager) module 6.x-2.x before 6.x-2.2 and 7.x-1.x before 7.x-1.0-rc1 for Drupal allows remote attackers to hijack the authentication of users with 'administer taxonomy
|
28-03-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0318 | 10.0 |
The admin page in the Banckle Chat module for Drupal does not properly restrict access, which allows remote attackers to bypass intended restrictions via unspecified vectors.
|
28-03-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0316 | 5.0 |
The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests.
|
28-03-2013 - 04:00 | 27-03-2013 - 21:55 | |
| CVE-2013-0325 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta2 for Drupal allow remote attackers to inject arbitrary web script or HTML via crafted a (1) Watchdog message or (2) admin
|
28-03-2013 - 04:00 | 27-03-2013 - 21:55 |