WEB APPLICATION VULNERABILITIES Standard & Premium

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6661)

Description

Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu.

Remediation

References

Related Vulnerabilities

WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.8.99)

Perl Numeric Errors Vulnerability (CVE-2011-2939)

WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.9.5.1)

WordPress Plugin IQ Testimonials Arbitrary File Upload (2.2.7)

WordPress Plugin GB Gallery Slideshow SQL Injection (1.2)

Severity

Medium

Classification

CVE-2015-6661 CWE-200

Tags

Missing Update Known Vulnerabilities