RSS   Vulnerabilities for 'Crmngp'   RSS

2009-11-09
 
CVE-2009-3920

CWE-264
 

 
An administration page in the NGP COO/CWP Integration (crmngp) module 6.x before 6.x-1.12 for Drupal does not perform the expected access control, which allows remote attackers to read log information via unspecified vectors.

 
 
CVE-2009-3919

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the NGP COO/CWP Integration (crmngp) module 6.x before 6.x-1.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified "user-supplied information."

 

 >>> Vendor: Sean robertson 2 Products
Crmngp
Forward


Copyright 2024, cxsecurity.com

 

Back to Top