CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4375

The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.4%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2015-4375

Chaos Tool Suite Project » Ctools » Version: 7.x-1.0

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0
Chaos Tool Suite Project » Ctools » Version: 7.x-1.1

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.1
Chaos Tool Suite Project » Ctools » Version: 7.x-1.2

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.2
Chaos Tool Suite Project » Ctools » Version: 7.x-1.3

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.3
Chaos Tool Suite Project » Ctools » Version: 7.x-1.4

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.4
Chaos Tool Suite Project » Ctools » Version: 7.x-1.5

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.5
Chaos Tool Suite Project » Ctools » Version: 7.x-1.6

cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4375

Products

Pricing

Contact Us