Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
steven jones context 6.x-2.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2010-1584
Cross-site scripting (XSS) vulnerability in the Context module prior to 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description.
Steven Jones Context
Steven Jones Context 6.x-2.0
6.8
CVSSv2
CVE-2013-4446
The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x prior to 6.x-3.2 and 7.x-3.x prior to 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote malicious users to execute arbitrary P...
Steven Jones Context 6.x-2.0
Steven Jones Context 6.x-3.0
Steven Jones Context 6.x-3.1
Steven Jones Context 6.x-3.x
Steven Jones Context 7.x-3.0
Steven Jones Context 7.x-3.x
4.9
CVSSv2
CVE-2013-4445
The json rendering functionality in the Context module 6.x-2.x prior to 6.x-3.2 and 7.x-3.x prior to 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leve...
Steven Jones Context 6.x-2.0
Steven Jones Context 6.x-3.0
Steven Jones Context 6.x-3.1
Steven Jones Context 6.x-3.x
Steven Jones Context 7.x-3.0
Steven Jones Context 7.x-3.x
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started