• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

aggregation_module

CVE-2008-2998

February 26, 2023 by

Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2008-2999

February 26, 2023 by

Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2008-3000

February 26, 2023 by

The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.

CVE-2008-3001

February 26, 2023 by

The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE