Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
restful web services project restful web services vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2013-4225
The RESTful Web Services (restws) module 7.x-1.x prior to 7.x-1.4 and 7.x-2.x prior to 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote authenticated users with the "access resource node" and "create ...
Restful Web Services Project Restful Web Services
Restful Web Services Project Restful Web Services 7.x-2.x
NA
CVE-2015-4345
The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x prior to 7.x-1.5 and 7.x-2.x prior to 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Restful Web Services Project Restful Web Services 7.x-2.0
Restful Web Services Project Restful Web Services 7.x-2.2
Restful Web Services Project Restful Web Services 7.x-1.0
Restful Web Services Project Restful Web Services 7.x-1.1
Restful Web Services Project Restful Web Services 7.x-1.3
Restful Web Services Project Restful Web Services 7.x-2.1
Restful Web Services Project Restful Web Services 7.x-1.4
Restful Web Services Project Restful Web Services 7.x-1.2
NA
CVE-2013-1946
The RESTful Web Services (RESTWS) module 7.x-1.x prior to 7.x-1.3 and 7.x-2.x prior to 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows remote malicious users to cause a denial of service via a GET request with an...
Restful Web Services Project Restful Web Services 7.x-1.1
Restful Web Services Project Restful Web Services 7.x-1.2
Restful Web Services Project Restful Web Services 7.x-2.0
NA
CVE-2013-0205
Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x prior to 7.x-1.2 and 7.x-2.x prior to 7.x-2.0-alpha4 for Drupal allows remote malicious users to hijack the authentication of arbitrary users via unknown vectors.
Restful Web Services Project Restful Web Services
Restful Web Services Project Restful Web Services 7.x-2.0
NA
CVE-2012-5556
Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x prior to 7.x-1.1 and 7.x-2.x prior to 7.x-2.0-alpha3 for Drupal allow remote malicious users to hijack the authentication of arbitrary users via unknown vectors.
Restful Web Services Project Restful Web Services 7.x-1.0
Restful Web Services Project Restful Web Services 7.x-1.x
Restful Web Services Project Restful Web Services 7.x-2.0
Restful Web Services Project Restful Web Services 7.x-2.x
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started