Skip to main content

Restful Web Services

5 CVEs product

Monthly

CVE-2024-13255 HIGH This Month

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.X-2.0 before 7.X-2.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Restful Web Services Drupal
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2015-4345 MEDIUM PATCH This Month

The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Restful Web Services
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-1946 MEDIUM PATCH This Month

The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Restful Web Services
NVD VulDB
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-0205 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x-1.2 and 7.x-2.x before 7.x-2.0-alpha4 for Drupal allows remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Restful Web Services
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-5556 MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Restful Web Services
NVD
CVSS 2.0
6.8
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH This Month

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.X-2.0 before 7.X-2.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Restful Web Services Drupal
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Restful Web Services
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Restful Web Services
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x-1.2 and 7.x-2.x before 7.x-2.0-alpha4 for Drupal allows remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Restful Web Services
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Restful Web Services
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy