Skip to main content

Spider Contacts

2 CVEs product

Monthly

CVE-2015-4349 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Spider Contacts module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete contact. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Spider Contacts
NVD
CVSS 2.0
5.8
EPSS
0.1%
CVE-2015-4348 MEDIUM This Month

SQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated users with the "access Spider Contacts category administration" permission to execute arbitrary SQL. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

SQLi Spider Contacts
NVD
CVSS 2.0
6.0
EPSS
0.3%
EPSS 0% CVSS 5.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Spider Contacts module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete contact. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Spider Contacts
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

SQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated users with the "access Spider Contacts category administration" permission to execute arbitrary SQL. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

SQLi Spider Contacts
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy