Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal logintoboggan module vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3817
Cross-site scripting (XSS) vulnerability in the LoginToboggan module 4.7.x-1.0, 4.7.x-1.x-dev, and 5.x-1.x-dev prior to 20070712 for Drupal, when configured to display a "Log out" link, allows remote malicious users to inject arbitrary web script or HTML via a crafted u...
Drupal Logintoboggan Module
3.5
CVSSv2
CVE-2007-3818
Cross-site scripting (XSS) vulnerability in the LoginToboggan module 5.x-1.x-dev prior to 20070712 for Drupal allows remote authenticated users with "administer blocks" permission to inject arbitrary JavaScript and gain privileges via "the message displayed above t...
Drupal Logintoboggan Module
4.3
CVSSv2
CVE-2014-9364
Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x prior to 7.x-1.4 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Logintoboggan Project Logintoboggan 7.x-1.2
Logintoboggan Project Logintoboggan 7.x-1.0
Logintoboggan Project Logintoboggan 7.x-1.1
Logintoboggan Project Logintoboggan 7.x-1.3
Logintoboggan Project Logintoboggan 7.x-1.x
4.3
CVSSv2
CVE-2014-9361
The LoginToboggan module 7.x-1.x prior to 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privileges and possibly obtain sensitive information by accessing a Page Not Found (...
Logintoboggan Project Logintoboggan 7.x-1.2
Logintoboggan Project Logintoboggan 7.x-1.0
Logintoboggan Project Logintoboggan 7.x-1.1
Logintoboggan Project Logintoboggan 7.x-1.3
Logintoboggan Project Logintoboggan 7.x-1.x
6.8
CVSSv2
CVE-2009-2291
Unspecified vulnerability in LoginToboggan 6.x-1.x prior to 6.x-1.5, a module for Drupal, when "Allow users to login using their e-mail address" is enabled, allows remote blocked users to bypass intended access restrictions via unspecified vectors.
Chad Phillips Logintoboggan 6.x-1.0
Chad Phillips Logintoboggan 6.x-1.1
Chad Phillips Logintoboggan 6.x-1.2
Chad Phillips Logintoboggan 6.x-1.3
Chad Phillips Logintoboggan 6.x-1.4
Chad Phillips Logintoboggan 6.x-1.x
Chad Phillips Logintoboggan 6.x-2.x
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started