Skip to main content

Search Autocomplete

2 CVEs product

Monthly

CVE-2012-4471 MEDIUM PATCH This Month

The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Search Autocomplete
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2012-1638 MEDIUM PATCH This Month

SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

SQLi Search Autocomplete
NVD
CVSS 2.0
6.0
EPSS
0.6%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Search Autocomplete
NVD
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

SQLi Search Autocomplete
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy