Search Autocomplete
Monthly
The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.
The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.