Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
services project services 7.x-3.9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-9151
The Services module 7.x-3.x prior to 7.x-3.10 for Drupal does not properly limit the rate of authentication attempts, which makes it easier for remote malicious users to obtain access via a brute-force attack on the administrative password.
Services Project Services 7.x-3.9
6
CVSSv2
CVE-2015-4393
The resource/endpoint for uploading files in the Services module 7.x-3.x prior to 7.x-3.12 for Drupal allows remote authenticated users with the "Save file information" permission to execute arbitrary code via a crafted filename.
Services Project Services 7.x-3.0
Services Project Services 7.x-3.4
Services Project Services 7.x-3.5
Services Project Services 7.x-3.6
Services Project Services 7.x-3.7
Services Project Services 7.x-3.10
Services Project Services 7.x-3.2
Services Project Services 7.x-3.1
Services Project Services 7.x-3.11
Services Project Services 7.x-3.3
Services Project Services 7.x-3.9
4.3
CVSSv2
CVE-2014-9153
Cross-site scripting (XSS) vulnerability in the Services module 7.x-3.x prior to 7.x-3.10 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the callback parameter in a JSONP response.
Services Project Services 7.x-3.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started