Filtered by vendor Nicholas Thompson
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1661 | 2 Drupal, Nicholas Thompson | 2 Drupal, Node Quick Find | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature. | |||||
| CVE-2010-4775 | 2 Drupal, Nicholas Thompson | 2 Drupal, Relevant Content | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships. | |||||