Karim Ratib : Security Vulnerabilities, CVEs,
Unspecified vulnerability in Views Bulk Operations 5.x-1.x before 5.x-1.4 and 6.x-1.x before 6.x-1.7, a module for Drupal, allows remote attackers to bypass intended access restrictions and modify "nodes or classes of nodes" via unknown vectors, probably related to registered procedures (aka actions).
Max CVSS
7.5
EPSS Score
0.75%
Published
2009-06-27
Updated
2017-08-17
Unspecified vulnerability in the Views Bulk Operations module 6 before 6.x-1.10 for Drupal allows remote authenticated users with user management permissions to bypass intended access restrictions and delete anonymous users (user 0) via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.16%
Published
2012-10-07
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the Zoomify module 5.x before 5.x-2.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the node title.
Max CVSS
4.3
EPSS Score
0.30%
Published
2009-11-09
Updated
2017-08-17
3 vulnerabilities found