Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 5.x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6384
Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x prior to 5.x-1.1, a module for Drupal, allow remote malicious users to hijack the authentication of administrators.
Drupal Comment Mail 5.x-1.x
Drupal Comment Mail 5.x-1.0
Drupal Comment Mail 5.x-0.1
NA
CVE-2009-1505
SQL injection vulnerability in the News Page module 5.x prior to 5.x-1.2 for Drupal allows remote authenticated users, with News Page nodes create and edit privileges, to execute arbitrary SQL commands via the Include Words (aka keywords) field.
Drupal News Page 5.x-1.x
Drupal News Page 5.x-1.1
NA
CVE-2009-1249
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x prior to 5.x-1.1, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map.
Drupal Feedapi Mapper 5.x-1.0
Drupal Feedapi Mapper 5.x-1.x
NA
CVE-2008-4152
Cross-site scripting (XSS) vulnerability in the Talk module 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.5, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via a node title.
Drupal Talk
Drupal Talk 6.x-1.1
Drupal Talk 6.x-1.0
Drupal Talk 6.x-1.2
Drupal Talk 5.x-1.1
Drupal Talk 5.x-1.0
NA
CVE-2008-4153
The Talk module 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.5, a module for Drupal, does not perform access checks for a node before displaying comments, which allows remote malicious users to obtain sensitive information.
Drupal Talk
Drupal Talk 6.x-1.1
Drupal Talk 6.x-1.0
Drupal Talk 6.x-1.2
Drupal Talk 5.x-1.1
Drupal Talk 5.x-1.0
NA
CVE-2008-6169
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x prior to 5.x-1.1 and 6.x prior to 6.x-1.6 and the Localization server 5.x prior to 5.x-1.0-alpha5 and 6.x prior to 6.x-alpha2, modules for Drupal, allows remote malicious users to perform unauthorized ...
Drupal Localization Client 6.x-1.4
Drupal Localization Client
Drupal Localization Server 5.x-1.0alpha1
Drupal Localization Server
Drupal Localization Client 5.x-1.xdev
Drupal Localization Client 6.x-1.0
Drupal Localization Server 5.x-1.0alpha2
Drupal Localization Server 5.x-1.xdev
Drupal Localization Client 6.x-1.xdev
Drupal Localization Server 5.x-1.0alpha3
Drupal Localization Client 6.x-1.1
Drupal Localization Client 6.x-1.2
Drupal Localization Client 6.x-1.3
Drupal Localization Server 6.x-1.xdev
NA
CVE-2009-1344
Cross-site scripting (XSS) vulnerability in the Localization client module 5.x prior to 5.x-1.2 and 6.x prior to 6.x-1.7, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via input to the translation functionality.
Drupal Localization Client 6.x-1.5
Drupal Localization Client 6.x-1.xdev
Drupal Localization Client 5.x-1.1
Drupal Localization Client 6.x-1.6
Drupal Localization Client 6.x-1.2
Drupal Localization Client 6.x-1.4
Drupal Localization Client 5.x-1.0
Drupal Localization Client 5.x-1.xdev
Drupal Localization Client 6.x-1.0
Drupal Localization Client 6.x-1.1
Drupal Localization Client 6.x-1.3
NA
CVE-2009-2079
Cross-site scripting (XSS) vulnerability in the administrative page interface in Taxonomy manager 5.x prior to 5.x-1.2 and 6.x prior to 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add t...
Drupal Taxonomy Manager 5.x-1.0
Drupal Taxonomy Manager 5.x-1.1
Drupal Taxonomy Manager 6.x-1.0
Drupal Taxonomy Manager 6.x-1.0-beta1
Drupal Taxonomy Manager 6.x-1.0-beta2
NA
CVE-2009-0382
Unspecified vulnerability in Internationalization (i18n) Translation 5.x prior to 5.x-2.5, a module for Drupal, allows remote attackers with "translate node" permissions to bypass intended access restrictions and read unpublished nodes via unspecified vectors.
Drupal Internationalization 5.x-1.1
Drupal Internationalization
NA
CVE-2008-0277
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
Drupal Fileshare Module 4.7.x
Drupal Fileshare Module 5.x
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »