Skip to main content

Prepopulate

2 CVEs product

Monthly

CVE-2016-3188 HIGH PATCH This Week

The _prepopulate_request_walk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the (1) actions, (2) container, (3) token, (4) password, (5). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Prepopulate
NVD
CVSS 3.0
7.3
EPSS
0.5%
CVE-2016-3187 HIGH PATCH This Week

The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the REQUEST superglobal array, and consequently have unspecified impact, via a base64-encoded pp parameter. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Prepopulate
NVD
CVSS 3.0
7.3
EPSS
0.5%
EPSS 1% CVSS 7.3
HIGH PATCH This Week

The _prepopulate_request_walk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the (1) actions, (2) container, (3) token, (4) password, (5). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Prepopulate
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the REQUEST superglobal array, and consequently have unspecified impact, via a base64-encoded pp parameter. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Prepopulate
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy