CVE-2013-4230

The mm_webform submodule in the Monster Menus module 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13 for Drupal does not properly restrict access to webform submissions, which allows remote authenticated users with the "Who can read data submitted to this webform" permission to delete arbitrary submissions via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.7:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.6:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.59:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.57:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.41:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.38:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.31:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.30:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.29:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.19:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.11:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.56:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.2:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.27:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.26:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.8:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.36:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.4:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.24:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.34:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.12:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.48:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.1:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.x:dev:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.10:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.9:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.5:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.35:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.3:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.25:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.44:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.53:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.37:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.33:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.60:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.32:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.42:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.23:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.22:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:6.x-6.43:*:*:*:*:*:*:*
cpe:2.3:a:monster_menus_module_project:monster_menus:7.x-1.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:*

Information

Published : 2013-08-21 07:55

Updated : 2017-08-28 18:33


NVD link : CVE-2013-4230

Mitre link : CVE-2013-4230


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

monster_menus_module_project

  • monster_menus

drupal

  • drupal