Vulnerabilities (CVE)

Filtered by vendor Kristof De Jaeger Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2177 2 Drupal, Kristof De Jaeger 2 Drupal, Display Suite 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label.
CVE-2012-2073 2 Drupal, Kristof De Jaeger 2 Drupal, Bundle Copy 2024-11-21 6.0 MEDIUM N/A
The Bundle copy module 7.x-1.x before 7.x-1.1 for Drupal does not check for the "use PHP for settings" permission while importing settings, which allows remote authenticated users with certain permissions to execute arbitrary PHP code via unspecified vectors.
CVE-2009-4520 2 Drupal, Kristof De Jaeger 2 Drupal, Commentreference 2024-11-21 5.0 MEDIUM N/A
The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path.