MidnightBSD

Advisories for nicholas_thompson

CVE-2010-4775 MEDIUM

The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
nicholas_thompson relevant_content 6.x-1.3
nicholas_thompson relevant_content 5.x-1.2
nicholas_thompson relevant_content 5.x-1.3
nicholas_thompson relevant_content 5.x-1.1
nicholas_thompson relevant_content 6.x-1.4
nicholas_thompson relevant_content 5.x-1.0
nicholas_thompson relevant_content 5.x-1.x-dev
nicholas_thompson relevant_content 6.x-1.1
nicholas_thompson relevant_content 6.x-1.0
nicholas_thompson relevant_content 6.x-1.2
nicholas_thompson relevant_content 6.x-1.x-dev
CVE-2011-1661 MEDIUM

The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
nicholas_thompson node_quick_find 6.x-1.1