Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1036
Cross-site request forgery (CSRF) vulnerability in the Plus 1 module prior to 6.x-2.6, a module for Drupal, allows remote malicious users to cast votes for content via unspecified aspects of the URI.
Drupal Plus1 6.x-1.0
Drupal Plus1 6.x-1.1
Drupal Plus1 6.x-2.1
Drupal Plus1 6.x-2.0
Drupal Plus1
Drupal Plus1 6.x-2.2
Drupal Plus1 6.x-1.2
Drupal Plus1 6.x-1.3
Drupal Plus1 6.x-2.3
Drupal Plus1 6.x-2.4
NA
CVE-2012-1646
Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x prior to 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via the (1) title parameter in faq.admin.inc or (2) detailed_question parameter in fa...
Drupal Faq 6.x-1.0
Drupal Faq 6.x-1.1
Drupal Faq 6.x-1.2
Drupal Faq 6.x-1.9
Drupal Faq 6.x-1.10
Drupal Faq 6.x-1.3
Drupal Faq 6.x-1.4
Drupal Faq 6.x-1.11
Drupal Faq 6.x-1.12
Drupal Faq 6.x-1.5
Drupal Faq 6.x-1.6
Drupal Faq 6.x-1.x
Drupal Faq 6.x-1.7
Drupal Faq 6.x-1.8
Drupal Faq 7x-1.x-rc1
NA
CVE-2014-8078
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 6.x-1.x prior to 6.x-1.19, 7.x-1.x prior to 7.x-1.3, and 7.x-2.x prior to 7.x-2.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web scri...
Drupal Print 6.x-1.1
Drupal Print 6.x-1.2
Drupal Print 6.x-1.9
Drupal Print 6.x-1.10
Drupal Print 6.x-1.16
Drupal Print 6.x-1.17
Drupal Print 7.x-1.1
Drupal Print 7.x-1.2
Drupal Print 6.x-1.7
Drupal Print 6.x-1.8
Drupal Print 6.x-1.14
Drupal Print 6.x-1.15
Drupal Print 7.x-1.0
Drupal Print 6.x-1.5
Drupal Print 6.x-1.6
Drupal Print 6.x-1.12
Drupal Print 6.x-1.13
Drupal Print 7.x-2.0
Drupal Print 6.x-1.3
Drupal Print 6.x-1.4
Drupal Print 6.x-1.11
Drupal Print 6.x-1.18
NA
CVE-2015-6665
Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x prior to 7.39 and the Ctools module 6.x-1.x prior to 6.x-1.14 for Drupal allows remote malicious users to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly rela...
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Fedoraproject Fedora 23
Drupal Drupal 7.0
Drupal Drupal 7.15
Drupal Drupal 7.11
Drupal Drupal 7.12
Drupal Drupal 7.2
Drupal Drupal 7.20
Drupal Drupal 7.27
Drupal Drupal 7.28
Drupal Drupal 7.36
Drupal Drupal 7.37
Drupal Drupal 7.x-dev
Drupal Drupal 7.16
Drupal Drupal 7.17
Drupal Drupal 7.23
Drupal Drupal 7.24
Drupal Drupal 7.30
Drupal Drupal 7.33
Drupal Drupal 7.6
Drupal Drupal 7.7
NA
CVE-2010-3022
Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.21 for Drupal allows remote authenticated users, with add url aliases and report access permissions, to inject arbitrary web script or HTML v...
Drupal Devel Module
Drupal Devel Module 6.x-1.19
Drupal Devel Module 6.x-1.11
Drupal Devel Module 6.x-1.10
Drupal Devel Module 6.x-1.3
Drupal Devel Module 6.x-1.1
Drupal Devel Module 6.x-1.13
Drupal Devel Module 6.x-1.12
Drupal Devel Module 6.x-1.5
Drupal Devel Module 6.x-1.4
Drupal Devel Module 5.x-1.1
Drupal Devel Module 5.x-1.0
Drupal Devel Module 6.x-1.18
Drupal Devel Module 6.x-1.17
Drupal Devel Module 6.x-1.16
Drupal Devel Module 6.x-1.9
Drupal Devel Module 6.x-1.8
Drupal Devel Module 6.x-1.0
Drupal Devel Module 6.x-1.2
Drupal Devel Module 6.x-1.15
Drupal Devel Module 6.x-1.14
Drupal Devel Module 6.x-1.7
NA
CVE-2008-6383
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x prior to 5.x-1.14 and 6.x prior to 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
Drupal Storm 5.x-1.13
Drupal Storm 5.x-1.7
Drupal Storm 5.x-1.4
Drupal Storm 6.x-1.16
Drupal Storm 6.x-1.15
Drupal Storm 6.x-1.14
Drupal Storm 6.x-1.7
Drupal Storm 6.x-1.8
Drupal Storm 6.x-1.x-dev
Drupal Storm 5.x-1.12
Drupal Storm 5.x-1.11
Drupal Storm 5.x-1.5
Drupal Storm 5.x-1.3
Drupal Storm 6.x-1.13
Drupal Storm 6.x-1.12
Drupal Storm 6.x-1.4
Drupal Storm 6.x-1.5
Drupal Storm 5.x-1.8
Drupal Storm 5.x-1.6
Drupal Storm 5.x-1.x-dev
Drupal Storm 6.x-1.17
Drupal Storm 6.x-1.9
NA
CVE-2009-1344
Cross-site scripting (XSS) vulnerability in the Localization client module 5.x prior to 5.x-1.2 and 6.x prior to 6.x-1.7, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via input to the translation functionality.
Drupal Localization Client 6.x-1.5
Drupal Localization Client 6.x-1.xdev
Drupal Localization Client 5.x-1.1
Drupal Localization Client 6.x-1.6
Drupal Localization Client 6.x-1.2
Drupal Localization Client 6.x-1.4
Drupal Localization Client 5.x-1.0
Drupal Localization Client 5.x-1.xdev
Drupal Localization Client 6.x-1.0
Drupal Localization Client 6.x-1.1
Drupal Localization Client 6.x-1.3
NA
CVE-2009-2076
Cross-site scripting (XSS) vulnerability in Views 6.x prior to 6.x-2.6, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via (1) exposed filters in the Views UI administrative interface and in the (2) view name parameter in the define ...
Drupal Views 6.x-2.0
Drupal Views 6.x-2.1
Drupal Views 6.x-2.2
Drupal Views 6.x-2.3
Drupal Views 6.x-2.4
Drupal Views 6.x-2.5
NA
CVE-2009-1507
The Node Access User Reference module 5.x prior to 5.x-2.0-beta4 and 6.x prior to 6.x-2.0-beta6, a module for Drupal, interprets an empty CCK user reference as a reference to the anonymous user, which might allow remote malicious users to bypass intended access restrictions to re...
Drupal Nodeaccess Userreference 5.x-1.3
Drupal Nodeaccess Userreference 5.x-1.0
Drupal Nodeaccess Userreference 6.x-2.0
Drupal Nodeaccess Userreference 6.x-1.1
Drupal Nodeaccess Userreference 6.x-1.0
Drupal Nodeaccess Userreference 5.x-1.1
Drupal Nodeaccess Userreference 5.x-1.2
Drupal Nodeaccess Userreference 6.x-1.4
Drupal Nodeaccess Userreference 6.x-1.2
Drupal Nodeaccess Userreference 5.x-1.4
Drupal Nodeaccess Userreference 5.x-2.0
Drupal Nodeaccess Userreference 6.x-1.7
Drupal Nodeaccess Userreference 6.x-1.6
Drupal Nodeaccess Userreference 6.x-1.5
NA
CVE-2014-8296
Cross-site scripting (XSS) vulnerability in the Modal Frame API module 6.x-1.x prior to 6.x-1.9 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Modal Frame 6.x-1.8
Drupal Modal Frame 6.x-1.7
Drupal Modal Frame 6.x-1.0
Drupal Modal Frame 6.x-1.2
Drupal Modal Frame 6.x-1.1
Drupal Modal Frame 6.x-1.4
Drupal Modal Frame 6.x-1.3
Drupal Modal Frame 6.x-1.6
Drupal Modal Frame 6.x-1.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »