Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal logintoboggan module vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3818
Cross-site scripting (XSS) vulnerability in the LoginToboggan module 5.x-1.x-dev prior to 20070712 for Drupal allows remote authenticated users with "administer blocks" permission to inject arbitrary JavaScript and gain privileges via "the message displayed above t...
Drupal Logintoboggan Module
NA
CVE-2007-3817
Cross-site scripting (XSS) vulnerability in the LoginToboggan module 4.7.x-1.0, 4.7.x-1.x-dev, and 5.x-1.x-dev prior to 20070712 for Drupal, when configured to display a "Log out" link, allows remote malicious users to inject arbitrary web script or HTML via a crafted u...
Drupal Logintoboggan Module
NA
CVE-2014-9364
Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x prior to 7.x-1.4 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Logintoboggan Project Logintoboggan 7.x-1.x
Logintoboggan Project Logintoboggan 7.x-1.0
Logintoboggan Project Logintoboggan 7.x-1.2
Logintoboggan Project Logintoboggan 7.x-1.3
Logintoboggan Project Logintoboggan 7.x-1.1
NA
CVE-2014-9361
The LoginToboggan module 7.x-1.x prior to 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privileges and possibly obtain sensitive information by accessing a Page Not Found (...
Logintoboggan Project Logintoboggan 7.x-1.2
Logintoboggan Project Logintoboggan 7.x-1.1
Logintoboggan Project Logintoboggan 7.x-1.0
Logintoboggan Project Logintoboggan 7.x-1.3
Logintoboggan Project Logintoboggan 7.x-1.x
NA
CVE-2009-2291
Unspecified vulnerability in LoginToboggan 6.x-1.x prior to 6.x-1.5, a module for Drupal, when "Allow users to login using their e-mail address" is enabled, allows remote blocked users to bypass intended access restrictions via unspecified vectors.
Chad Phillips Logintoboggan 6.x-1.x
Chad Phillips Logintoboggan 6.x-1.0
Chad Phillips Logintoboggan 6.x-2.x
Chad Phillips Logintoboggan 6.x-1.4
Chad Phillips Logintoboggan 6.x-1.2
Chad Phillips Logintoboggan 6.x-1.3
Chad Phillips Logintoboggan 6.x-1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started