Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

drupal services module for drupal 6.x-0.12 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2009-2035
Unspecified vulnerability in Services 6.x prior to 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote malicious users to read or add keys and access unauthorized services via unspecified vectors.
Drupal Services Module For Drupal 6.x-0.12Drupal Services Module For Drupal
NA
CVE-2008-6908
Services 5.x prior to 5.x-0.92 and 6.x prior to 6.x-0.13, a module for Drupal, uses an insecure hash when signing requests, which allows remote malicious users to impersonate other users and gain privileges.
Marc Ingram Services 5.x-0.9Marc Ingram Services 5.x-1.x-devMarc Ingram Services 6.x-0.11Marc Ingram Services 6.x-1.x-devMarc Ingram Services 5.x-0.91Marc Ingram Services 6.x-0.12Marc Ingram Services 6.x-0.9
NA
CVE-2008-6910
Services 5.x prior to 5.x-0.92 and 6.x prior to 6.x-0.13, a module for Drupal, does not use timeouts for signed requests, which allows remote malicious users to impersonate other users and gain privileges via a replay attack that sends the same request.
Marc Ingram Services 5.x-0.9Marc Ingram Services 5.x-1.x-devMarc Ingram Services 6.x-1.x-devMarc Ingram Services 6.x-0.9Marc Ingram Services 5.x-0.91Marc Ingram Services 6.x-0.11Marc Ingram Services 6.x-0.12
NA
CVE-2008-6909
Services 5.x prior to 5.x-0.92 and 6.x prior to 6.x-0.13, a module for Drupal, does not sign all required data in requests, which has unspecified impact, probably related to man-in-the-middle attacks that modify critical data and allow remote malicious users to impersonate other ...
Marc Ingram Services 6.x-0.12Marc Ingram Services 6.x-0.9Marc Ingram Services 6.x-1.x-devMarc Ingram Services 6.x-0.11Marc Ingram Services 5.x-1.x-devMarc Ingram Services 5.x-0.91Marc Ingram Services 5.x-0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook