Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 5.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5621
Multiple cross-site scripting (XSS) vulnerabilities in the Token module prior to 4.7.x-1.5, and 5.x prior to 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote auth...
Drupal Drupal 5.2
Drupal E-commerce Module
Drupal Token Module
Drupal Asin Field Module
Drupal Drupal 4.7
Drupal Node Relativity Module
Drupal Pathauto Module
Drupal Drupal 5.0
Drupal Drupal 5.1
Drupal Paypal Node Module
Drupal Ubercart Module
Drupal Fullname Field For Cck
Drupal Invite Module
NA
CVE-2008-2999
Multiple SQL injection vulnerabilities in the Aggregation module 5.x prior to 5.x-4.4 for Drupal allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Drupal Aggregation Module 4.3
Drupal Aggregation Module 3.2
Drupal Aggregation Module 4.0
Drupal Drupal 5.2
Drupal Drupal 5.3
Drupal Drupal 5.0
Drupal Drupal 5.7
Drupal Aggregation Module 3.0
Drupal Aggregation Module 3.1
Drupal Drupal 5.1
Drupal Drupal 5.1 Rev1.1
Drupal Aggregation Module 4.1
Drupal Aggregation Module 4.2
Drupal Drupal 5.4
Drupal Drupal 5.5.
NA
CVE-2009-1844
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x prior to 5.18 and 6.x prior to 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not...
Drupal Drupal 5.1
Drupal Drupal 5.10
Drupal Drupal 5.8
Drupal Drupal 5.9
Drupal Drupal 6.1
Drupal Drupal 6.2
Drupal Drupal 6.9
Drupal Drupal 6.10
Drupal Drupal 5.13
Drupal Drupal 5.14
Drupal Drupal 5.3
Drupal Drupal 5.2
Drupal Drupal 6.5
Drupal Drupal 6.6
Drupal Drupal 5.0
Drupal Drupal 5.15
Drupal Drupal 5.16
Drupal Drupal 5.7
Drupal Drupal 5.6
Drupal Drupal 6.0
Drupal Drupal 6.7
Drupal Drupal 6.8
NA
CVE-2009-1575
Cross-site scripting (XSS) vulnerability in Drupal 5.x prior to 5.17 and 6.x prior to 6.11, as used in vbDrupal prior to 5.17.0, allows remote malicious users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences before the Content-Type meta tag, which are treat...
Drupal Drupal 5.0
Drupal Drupal 5.1
Drupal Drupal 5.4
Drupal Drupal 5.5
Drupal Drupal 5.13
Drupal Drupal 5.14
Drupal Drupal 6.0
Drupal Drupal 6
Drupal Drupal 6.5
Drupal Drupal 5.1 Rev1.1
Drupal Drupal 5.2
Drupal Drupal 5.3
Drupal Drupal 5.9
Drupal Drupal 5.12
Drupal Drupal 6.1
Drupal Drupal 6.2
Drupal Drupal 6.10
Drupal Drupal 6.4
Drupal Drupal 5.7
Drupal Drupal 5.8
Drupal Drupal 6.6
Drupal Drupal 6.8
NA
CVE-2009-2373
Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x prior to 6.13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Drupal 6.3
Drupal Drupal 6.0
Drupal Drupal 5.14
Drupal Drupal 5.16
Drupal Drupal 5.2
Drupal Drupal 5.8
Drupal Drupal 6.8
Drupal Drupal 6.10
Drupal Drupal 6.9
Drupal Drupal 6.12
Drupal Drupal 5.1 Rev1.1
Drupal Drupal 5.13
Drupal Drupal 5.3
Drupal Drupal 5.5.
Drupal Drupal 5.4
Drupal Drupal 5.0
Drupal Drupal 6.6
Drupal Drupal 6.7
Drupal Drupal 6.5
Drupal Drupal 6.4
Drupal Drupal 5.1
Drupal Drupal 5.9
NA
CVE-2009-4369
Cross-site scripting (XSS) vulnerability in the Contact module (modules/contact/contact.admin.inc or modules/contact/contact.module) in Drupal Core 5.x prior to 5.21 and 6.x prior to 6.15 allows remote authenticated users with "administer site-wide contact form" permiss...
Drupal Drupal 6.10
Drupal Drupal 6.9
Drupal Drupal 6.0
Drupal Drupal 6.13
Drupal Drupal 5.1
Drupal Drupal 5.2
Drupal Drupal 5.10
Drupal Drupal 5.18
Drupal Drupal 5.11
Drupal Drupal 5.19
Drupal Drupal 5.20
Drupal Drupal 6.11
Drupal Drupal 6.7
Drupal Drupal 6.12
Drupal Drupal 6.4
Drupal Drupal 6.14
Drupal Drupal 5.x
Drupal Drupal 6.6
Drupal Drupal 6.2
Drupal Drupal 6.1
Drupal Drupal 6.5
Drupal Drupal 5.0
NA
CVE-2010-3092
The upload module in Drupal 5.x prior to 5.23 and 6.x prior to 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to bypass the intended restrictions on downloading a file by uploading a different...
Drupal Drupal 5.0
Drupal Drupal 5.10
Drupal Drupal 5.11
Drupal Drupal 5.12
Drupal Drupal 5.13
Drupal Drupal 5.14
Drupal Drupal 5.2
Drupal Drupal 5.3
Drupal Drupal 5.4
Drupal Drupal 5.5
Drupal Drupal 5.19
Drupal Drupal 5.20
Drupal Drupal 5.21
Drupal Drupal 5.22
Drupal Drupal 5.1
Drupal Drupal 5.6
Drupal Drupal 5.8
Drupal Drupal 5.15
Drupal Drupal 5.17
Drupal Drupal 5.7
Drupal Drupal 5.9
Drupal Drupal 5.16
NA
CVE-2010-3093
The comment module in Drupal 5.x prior to 5.23 and 6.x prior to 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a crafted URL, related to an "unpublishing bypass" issue.
Drupal Drupal 5.4
Drupal Drupal 5.5
Drupal Drupal 5.6
Drupal Drupal 5.7
Drupal Drupal 5.20
Drupal Drupal 5.21
Drupal Drupal 5.22
Drupal Drupal 5.0
Drupal Drupal 5.12
Drupal Drupal 5.13
Drupal Drupal 5.14
Drupal Drupal 5.15
Drupal Drupal 5.1
Drupal Drupal 5.3
Drupal Drupal 5.8
Drupal Drupal 5.10
Drupal Drupal 5.17
Drupal Drupal 5.19
Drupal Drupal 5.2
Drupal Drupal 5.9
Drupal Drupal 5.11
Drupal Drupal 5.16
NA
CVE-2007-4363
Multiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) prior to 4.7.x-1.6, and 5.x prior to 5.x-1.6 ,allow remote malicious users to inject arbitrary web script or HTML via nodereference fields, when using (1) the ...
Drupal Content Construction Kit 4.7
Drupal Content Construction Kit 5.2
NA
CVE-2007-6299
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x prior to 4.7.9 and 5.x prior to 5.4 allow remote malicious users to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ...
Drupal Drupal 4.4.1
Drupal Drupal 4.4.2
Drupal Drupal 4.5.5
Drupal Drupal 4.5.6
Drupal Drupal 4.6.2
Drupal Drupal 4.6.3
Drupal Drupal 4.7
Drupal Drupal 4.7.1
Drupal Drupal 4.7.8
Drupal Drupal 4.7 Rev1.15
Drupal Drupal 4.2.0 Rc
Drupal Drupal 4.4.0
Drupal Drupal 4.5.3
Drupal Drupal 4.5.4
Drupal Drupal 4.6.1
Drupal Drupal 4.6.10
Drupal Drupal 4.6.11
Drupal Drupal 4.6.8
Drupal Drupal 4.6.9
Drupal Drupal 4.7.6
Drupal Drupal 4.7.7
Drupal Drupal 4.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »