Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal organic groups module 6 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2008-3095
Cross-site scripting (XSS) vulnerability in the Organic Groups (OG) module 5.x prior to 5.x-7.3 and 6.x prior to 6.x-1.0-RC1, a module for Drupal, allows remote authenticated users, with group owner permissions, to inject arbitrary web script or HTML via unspecified vectors.
Drupal Organic Groups Module 5
Drupal Organic Groups Module 6
383
VMScore
CVE-2008-3094
The Organic Groups (OG) module 5.x prior to 5.x-7.3 and 6.x prior to 6.x-1.0-RC1, a module for Drupal, allows remote malicious users to obtain sensitive information (private group names) via unspecified vectors.
Organic Groups Project Organic Groups 5.x-5.x-7.2
Organic Groups Project Organic Groups 5.x-7.0
Organic Groups Project Organic Groups 5.x-7.1
Organic Groups Project Organic Groups 6.x-1.0
Organic Groups Project Organic Groups 6.x-1.x
187
VMScore
CVE-2012-1644
The Organic Groups (OG) Vocabulary module 6.x-1.x prior to 6.x-1.2 for Drupal allows remote authenticated users with certain administrator permissions to modify the vocabularies of other groups via unspecified vectors.
Gizra Og Vocab 6.x-1.x
Gizra Og Vocab 6.x-1.0
Gizra Og Vocab 6.x-1.1
445
VMScore
CVE-2012-2081
The Organic Groups (OG) module 6.x-2.x prior to 6.x-2.3 for Drupal does not properly restrict access, which allows remote malicious users to obtain sensitive information such as private group titles via a request through the Views module.
Moshe Weitzman Organic Groups 6.x-2.x
Moshe Weitzman Organic Groups 6.x-2.2
Moshe Weitzman Organic Groups 6.x-2.0
Moshe Weitzman Organic Groups 6.x-2.1
187
VMScore
CVE-2012-3800
Cross-site scripting (XSS) vulnerability in og.js in the Organic Groups (OG) module 6.x-2.x prior to 6.x-2.4 for Drupal, when used with the Vertical Tabs module, allows remote authenticated users to inject arbitrary web script or HTML via vectors related the group title.
Moshe Weitzman Organic Groups 6.x-2.0
Moshe Weitzman Organic Groups 6.x-2.3
Moshe Weitzman Organic Groups 6.x-2.2
Moshe Weitzman Organic Groups 6.x-2.1
Moshe Weitzman Organic Groups 6.x-2.x
605
VMScore
CVE-2012-2721
The default views in the Organic Groups (OG) module 6.x-2.x prior to 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows remote malicious users to bypass access restrictions and possibly have oth...
Moshe Weitzman Organic Groups 6.x-2.0
Moshe Weitzman Organic Groups 6.x-2.1
Moshe Weitzman Organic Groups 6.x-2.x
Moshe Weitzman Organic Groups 6.x-2.2
Moshe Weitzman Organic Groups 6.x-2.3
578
VMScore
CVE-2009-4528
The Organic Groups (OG) Vocabulary module 6.x prior to 6.x-1.0 for Drupal allows remote authenticated group members to bypass intended access restrictions, and create, modify, or read a vocabulary, via unspecified vectors.
Moshe Weitzman Og Vocab 6.x-1.0
Moshe Weitzman Og Vocab 6.x-1.x
312
VMScore
CVE-2009-3652
Cross-site scripting (XSS) vulnerability in Organic Groups (OG) 5.x-7.x prior to 5.x-7.4, 5.x-8.x prior to 5.x-8.1, and 6.x-1.x prior to 6.x-1.4, a module for Drupal, allows remote authenticated users, with create or edit group nodes permissions, to inject arbitrary web script or...
Moshe Weitzman Organic Groups 5.x-7.0-rc2
Moshe Weitzman Organic Groups 5.x-7.0-rc1
Moshe Weitzman Organic Groups 6.x-1.0
Moshe Weitzman Organic Groups 6.x-1.0-rc9
Moshe Weitzman Organic Groups 6.x-1.0-rc8
Moshe Weitzman Organic Groups 6.x-1.0-rc1
Moshe Weitzman Organic Groups 6.x-1.0-beta1
Moshe Weitzman Organic Groups 5.x-7.0
Moshe Weitzman Organic Groups 5.x-7.0-rc5
Moshe Weitzman Organic Groups 5.x-7.2
Moshe Weitzman Organic Groups 6.x-1.3
Moshe Weitzman Organic Groups 6.x-1.0-rc5
Moshe Weitzman Organic Groups 6.x-1.0-rc4
Moshe Weitzman Organic Groups 5.x-7.0-rc4
Moshe Weitzman Organic Groups 5.x-7.0-rc3
Moshe Weitzman Organic Groups 6.x-1.2
Moshe Weitzman Organic Groups 6.x-1.1
Moshe Weitzman Organic Groups 6.x-1.0-rc3
Moshe Weitzman Organic Groups 6.x-1.0-rc2
Moshe Weitzman Organic Groups 5.x-7.1
Moshe Weitzman Organic Groups 5.x-7.3
Moshe Weitzman Organic Groups 5.x-8.0
383
VMScore
CVE-2009-3786
Cross-site scripting (XSS) vulnerability in Organic Groups (OG) Vocabulary 5.x prior to 5.x-1.1 and 6.x prior to 6.x-1.1, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via the group title.
Moshe Weitzman Og Vocab 5.x-1.0
Moshe Weitzman Og Vocab 5.x-1.x-dev
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started