RSS   Vulnerabilities for 'WEEK'   RSS

2010-02-26
 
CVE-2010-0752

CWE-264
 

 
The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors.

 

 >>> Vendor: Earl dunovant 2 Products
WEEK
Monthly archive by node type


Copyright 2024, cxsecurity.com

 

Back to Top