Earl Dunovant: Security Vulnerabilities
The Monthly Archive by Node Type module 6.x for Drupal does not properly check permissions defined by node_access modules, which allows remote attackers to access restricted nodes via unspecified vectors.
CVSS Score
5.8
EPSS Score
0.002
Published
2012-10-31
The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.006
Published
2010-02-27