Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 4.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4363
Multiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) prior to 4.7.x-1.6, and 5.x prior to 5.x-1.6 ,allow remote malicious users to inject arbitrary web script or HTML via nodereference fields, when using (1) the ...
Drupal Content Construction Kit 4.7
Drupal Content Construction Kit 5.2
NA
CVE-2007-2159
Multiple cross-site scripting (XSS) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and prior to 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors relating to (1) direct d...
Drupal Database Administration Module 4.6
Drupal Database Administration Module 4.7
NA
CVE-2007-2160
Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and prior to 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote malicious users to perform unauthorized actions as an arbitrary user, a related issue to CVE-200...
Drupal Database Administration Module 4.6
Drupal Database Administration Module 4.7
NA
CVE-2008-0277
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
Drupal Fileshare Module 4.7.x
Drupal Fileshare Module 5.x
NA
CVE-2008-0568
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote malicious users to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Drupal Secure Site Module 5.0
Drupal Secure Site Module 4.7
NA
CVE-2008-0569
The Comment Upload 4.7.x prior to 4.7.x-0.1 and 5.x prior to 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote malicious users to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspec...
Drupal Comment Upload Module 4.7
Drupal Comment Upload Module 5.0
NA
CVE-2007-6299
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x prior to 4.7.9 and 5.x prior to 5.4 allow remote malicious users to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ...
Drupal Drupal 4.4.1
Drupal Drupal 4.4.2
Drupal Drupal 4.5.5
Drupal Drupal 4.5.6
Drupal Drupal 4.6.2
Drupal Drupal 4.6.3
Drupal Drupal 4.7
Drupal Drupal 4.7.1
Drupal Drupal 4.7.8
Drupal Drupal 4.7 Rev1.15
Drupal Drupal 4.2.0 Rc
Drupal Drupal 4.4.0
Drupal Drupal 4.5.3
Drupal Drupal 4.5.4
Drupal Drupal 4.6.1
Drupal Drupal 4.6.10
Drupal Drupal 4.6.11
Drupal Drupal 4.6.8
Drupal Drupal 4.6.9
Drupal Drupal 4.7.6
Drupal Drupal 4.7.7
Drupal Drupal 4.0.0
NA
CVE-2006-6529
The Chatroom Module prior to 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last messages overview, which allows remote malicious users to obtain sensitive information by reading the overview.
Drupal Chatroom Module 4.7
NA
CVE-2006-5608
SQL injection vulnerability in Extended Tracker (xtracker) 4.7 prior to 1.5.2.1 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs."
Drupal Extended Tracker 4.7
NA
CVE-2008-0576
Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev prior to 20080130 in the 5.x-2.x series, 5.x-1.2 and previous versions in the 5.x-1.x series, 4.7.x-2.6 and previous versions in the 4.7.x-2.x series, and 4.7.x-1.6 and previous versions in ...
Drupal Project Issue Tracking Module 5
Drupal Project Issue Tracking Module 4.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »