Unrated severityNVD Advisory· Published Jun 15, 2015· Updated May 6, 2026

CVE-2015-4350

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete (1) products, (2) ratings, or (3) categories via unspecified vectors.

Affected products

Web Dorado/Spider Catalog
cpe:2.3:a:web-dorado:spider_catalog:*:*:*:*:*:drupal:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.drupal.org/node/2437977nvdVendor Advisory
www.openwall.com/lists/oss-security/2015/04/25/6nvd
www.securityfocus.com/bid/72798nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000