Vulnerabilities > Nicholas Thompson
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-04-10 | CVE-2011-1661 | Permissions, Privileges, and Access Controls vulnerability in Nicholas Thompson Node Quick Find 6.X1.1 The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remote attackers to bypass intended access restrictions and read potentially sensitive node titles via the autocomplete feature. | 5.0 |
2011-03-23 | CVE-2010-4775 | Improper Input Validation vulnerability in Nicholas Thompson Relevant Content The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships. | 5.0 |