Vulnerabilities (CVE)

Filtered by vendor Carlos Carvalhar Subscribe
Filtered by product Time Spent
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-5550 2 Carlos Carvalhar, Drupal 2 Time Spent, Drupal 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-5549 2 Carlos Carvalhar, Drupal 2 Time Spent, Drupal 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2012-5548 2 Carlos Carvalhar, Drupal 2 Time Spent, Drupal 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.