Filtered by vendor Karen Stevenson
Subscriptions
Filtered by product Date
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1626 | 2 Drupal, Karen Stevenson | 2 Drupal, Date | 2024-11-21 | N/A |
| SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-3156 | 2 Drupal, Karen Stevenson | 2 Drupal, Date | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Date Tools sub-module in the Date module 6.x before 6.x-2.3 for Drupal allows remote authenticated users, with "use date tools" or "administer content types" privileges, to inject arbitrary web script or HTML via a "Content type label" field. | ||||
Page 1 of 1.