Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
steven jones context vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2013-4446
The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x prior to 6.x-3.2 and 7.x-3.x prior to 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote malicious users to execute arbitrary P...
Steven Jones Context 6.x-2.0
Steven Jones Context 6.x-3.0
Steven Jones Context 6.x-3.1
Steven Jones Context 6.x-3.x
Steven Jones Context 7.x-3.0
Steven Jones Context 7.x-3.x
436
VMScore
CVE-2013-4445
The json rendering functionality in the Context module 6.x-2.x prior to 6.x-3.2 and 7.x-3.x prior to 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leve...
Steven Jones Context 6.x-2.0
Steven Jones Context 6.x-3.0
Steven Jones Context 6.x-3.1
Steven Jones Context 6.x-3.x
Steven Jones Context 7.x-3.0
Steven Jones Context 7.x-3.x
445
VMScore
CVE-2012-5655
The Context module 6.x-3.x prior to 6.x-3.1 and 7.x-3.x prior to 7.x-3.0-beta6 for Drupal does not properly restrict access to block content, which allows remote malicious users to obtain sensitive information via a crafted request.
Steven Jones Context 6.x-3.0
Steven Jones Context 6.x-3.x
Steven Jones Context 7.x-3.0
Steven Jones Context 7.x-3.x
187
VMScore
CVE-2010-1584
Cross-site scripting (XSS) vulnerability in the Context module prior to 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description.
Steven Jones Context
Steven Jones Context 6.x-2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started