VYPR
Vendor

Restful Web Services Project

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2013-4225HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote authenticated users with the "access resource node" and "create page content"…

  • CVE-2024-13255Jan 9, 2025
    risk 0.00cvss epss 0.00

    Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.

  • CVE-2015-4345Jun 15, 2015
    risk 0.00cvss epss 0.01

    The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2013-1946Apr 6, 2014
    risk 0.00cvss epss 0.01

    The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows remote attackers to cause a denial of service via a GET request with an HTTP…

  • CVE-2013-0205Mar 19, 2013
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x-1.2 and 7.x-2.x before 7.x-2.0-alpha4 for Drupal allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.

  • CVE-2012-5556Dec 3, 2012
    risk 0.00cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hijack the authentication of arbitrary users via unknown vectors.