CVE-2010-0752
The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors.Enginsight
Vendor | Product | Version |
---|---|---|
earl_dunovant | week | 6.x-1.0 |
earl_dunovant | week | 6.x-1.x-dev |
earl_dunovant | week | 6.x-2.0 |
earl_dunovant | week | 6.x-2.1 |
earl_dunovant | week | 6.x-2.2 |
earl_dunovant | week | 6.x-2.3 |
earl_dunovant | week | 6.x-2.4 |
earl_dunovant | week | 6.x-2.5 |
earl_dunovant | week | 6.x-2.6 |
earl_dunovant | week | 6.x-2.x-dev |
Common Weakness Enumeration