Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Rest\/json Project Subscribe
Filtered by product Rest\/json
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-20001 1 Rest\/json Project 1 Rest\/json 2021-01-07 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20006 1 Rest\/json Project 1 Rest\/json 2021-01-07 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20004 1 Rest\/json Project 1 Rest\/json 2021-01-07 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20005 1 Rest\/json Project 1 Rest\/json 2021-01-07 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20003 1 Rest\/json Project 1 Rest\/json 2021-01-07 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20008 1 Rest\/json Project 1 Rest\/json 2021-01-07 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20002 1 Rest\/json Project 1 Rest\/json 2021-01-07 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20007 1 Rest\/json Project 1 Rest\/json 2021-01-07 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.