Vulnerabilities (CVE)

Filtered by vendor Nicholas Thompson Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1661 2 Drupal, Nicholas Thompson 2 Drupal, Node Quick Find 2024-11-21 5.0 MEDIUM N/A
The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature.
CVE-2010-4775 2 Drupal, Nicholas Thompson 2 Drupal, Relevant Content 2024-11-21 5.0 MEDIUM N/A
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships.