Vulnerabilities > Structured Dynamics
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-17 | CVE-2015-7234 | Improper Input Validation vulnerability in Structured Dynamics Open Semantic Framework 7.X3.0/7.X3.X The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors. | 4.0 |
2015-09-17 | CVE-2015-7233 | Cross-Site Request Forgery (CSRF) vulnerability in Structured Dynamics Open Semantic Framework 7.X3.0/7.X3.X Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors. | 5.1 |
2015-09-17 | CVE-2015-7232 | Cross-site Scripting vulnerability in Structured Dynamics Open Semantic Framework 7.X3.0/7.X3.X Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2.6 |