VYPR
Vendor

David Alkire

Products
2
CVEs
7
Across products
7
Status
Private

Products

2

Recent CVEs

7
  • CVE-2024-3075Apr 26, 2024
    risk 0.00cvss epss 0.01

    The MM-email2image WordPress plugin through 0.2.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…

  • CVE-2013-0257Mar 27, 2013
    risk 0.00cvss epss 0.01

    The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, which allows remote attackers to read images of user email addresses and email fields.

  • CVE-2012-4479Nov 30, 2012
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2012-4478Nov 30, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators.

  • CVE-2012-4477Nov 30, 2012
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors.

  • CVE-2012-4476Nov 30, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-4472Nov 30, 2012
    risk 0.00cvss epss 0.01

    Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a…