VYPR
Vendor

Sean Robertson

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2012-1057Feb 14, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node…

  • CVE-2012-1056Feb 14, 2012
    risk 0.00cvss epss 0.01

    The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.

  • CVE-2009-3920Nov 9, 2009
    risk 0.00cvss epss 0.01

    An administration page in the NGP COO/CWP Integration (crmngp) module 6.x before 6.x-1.12 for Drupal does not perform the expected access control, which allows remote attackers to read log information via unspecified vectors.

  • CVE-2009-3919Nov 9, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the NGP COO/CWP Integration (crmngp) module 6.x before 6.x-1.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified "user-supplied information."

  • CVE-2007-3690Jul 11, 2007
    risk 0.00cvss epss 0.02

    The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.