Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 4.0 vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2013-4500
The Quiz module 6.x-4.x prior to 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option.
Quiz Module Project Quiz 6.x-4.1
Quiz Module Project Quiz 6.x-4.0
Quiz Module Project Quiz 6.x-4.4
Quiz Module Project Quiz 6.x-4.3
Quiz Module Project Quiz 6.x-4.2
6.8
CVSSv2
CVE-2012-2307
Cross-site request forgery (CSRF) vulnerability in the Addressbook module for Drupal 6.x-4.2 and previous versions allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Plaatsoft Addressbook 6.x-3.4
Plaatsoft Addressbook 5.x-3.3
Plaatsoft Addressbook 5.x-3.5
Plaatsoft Addressbook 6.x-3.6
Plaatsoft Addressbook
Plaatsoft Addressbook 6.x-4.1
Plaatsoft Addressbook 6.x-4.0
Plaatsoft Addressbook 6.x-3.7
Plaatsoft Addressbook 6.x-3.5
6.8
CVSSv2
CVE-2015-4390
Multiple cross-site request forgery (CSRF) vulnerabilities in the User Import module 6.x-4.x prior to 6.x-4.4 and 7.x-2.x prior to 7.x-2.3 for Drupal allow remote malicious users to hijack the authentication of administrators for requests that (1) continue or (2) delete an ongoin...
User Import Project User Import 6.x-4.x
User Import Project User Import 6.x-4.1
User Import Project User Import 6.x-4.0
User Import Project User Import 6.x-4.3
User Import Project User Import 6.x-4.2
3.5
CVSSv2
CVE-2010-2048
Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat module 6.x prior to 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Menhir Heartbeat 6.x-4.7
Menhir Heartbeat 6.x-4.6
Menhir Heartbeat 6.x-4.1
Menhir Heartbeat 6.x-4.0
Menhir Heartbeat 6.x-2.3
Menhir Heartbeat 6.x-4.5
Menhir Heartbeat 6.x-4.4
Menhir Heartbeat 6.x-4.x
Menhir Heartbeat 6.x-3.3
Menhir Heartbeat 6.x-4.8
Menhir Heartbeat 6.x-4.3
Menhir Heartbeat 6.x-4.2
Menhir Heartbeat 6.x-3.2
Menhir Heartbeat 6.x-3.x
4.3
CVSSv2
CVE-2009-4525
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.9 and 6.x prior to 6.x-1.9, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via crafted data in a list of links.
Joao Ventura Print 5.x-4.7
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 6.x-1.7
Joao Ventura Print 6.x-1.0
Joao Ventura Print 5.x-4.5
Joao Ventura Print 5.x-4.4
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.2
Joao Ventura Print 5.x-4.8
Joao Ventura Print 5.x-4.6
Joao Ventura Print 5.x-4.0
Joao Ventura Print 6.x-1.x
Joao Ventura Print 5.x-4.3
Joao Ventura Print 5.x-4.x
Joao Ventura Print 6.x-1.3
Joao Ventura Print 6.x-1.4
5
CVSSv2
CVE-2009-4526
The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.9 and 6.x prior to 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote malicious users to read page titles by requesting a &...
Joao Ventura Print 5.x-4.7
Joao Ventura Print 6.x-1.3
Joao Ventura Print 6.x-1.4
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 5.x-4.3
Joao Ventura Print 5.x-4.x
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.0
Joao Ventura Print 5.x-4.8
Joao Ventura Print 5.x-4.5
Joao Ventura Print 6.x-1.2
Joao Ventura Print 6.x-1.7
Joao Ventura Print 5.x-4.6
Joao Ventura Print 5.x-4.4
Joao Ventura Print 5.x-4.0
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.x
4.3
CVSSv2
CVE-2009-4063
Cross-site scripting (XSS) vulnerability in the Subgroups for Organic Groups (OG) module 5.x prior to 5.x-4.0 and 5.x prior to 5.x-3.4 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified node titles.
Ezra Barnett Gildesgame Og Subgroups 5.x-3.0
Ezra Barnett Gildesgame Og Subgroups 5.x-3.1
Ezra Barnett Gildesgame Og Subgroups 5.x-3.2
Ezra Barnett Gildesgame Og Subgroups 5.x-3.3
Ezra Barnett Gildesgame Og Subgroups 5.x-2.0
Ezra Barnett Gildesgame Og Subgroups 5.x-3.x
Ezra Barnett Gildesgame Og Subgroups 5.x-1.x
Ezra Barnett Gildesgame Og Subgroups 5.x-4.x
3.5
CVSSv2
CVE-2009-3210
Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.8 and 6.x prior to 6.x-1.8, a module for Drupal, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Joao Ventura Print 5.x-3.1
Joao Ventura Print 5.x-3.2
Joao Ventura Print 5.x-4.x-dev
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.x-dev
Joao Ventura Print 6.x-1.0
Joao Ventura Print 6.x-1.7
Joao Ventura Print 5.x-3.3
Joao Ventura Print 5.x-3.4
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.3
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.2
Joao Ventura Print 5.x-3.x-dev
Joao Ventura Print 5.x-3.0
Joao Ventura Print 5.x-3.7
Joao Ventura Print 5.x-4.0
Joao Ventura Print 5.x-4.7
Joao Ventura Print 5.x-2.2
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 5.x-3.5
2.6
CVSSv2
CVE-2011-1066
Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x prior to 6.x-2.4 and 6.x-4.x prior to 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors.
Reyero Messaging 6.x-4.x
Reyero Messaging 6.x-2.0
Reyero Messaging 6.x-2.1
Reyero Messaging 6.x-2.2
Reyero Messaging 6.x-2.3
3.5
CVSSv2
CVE-2015-4357
Cross-site scripting (XSS) vulnerability in the Webform module prior to 6.x-3.22, 7.x-3.x prior to 7.x-3.22, and 7.x-4.x prior to 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title, which is used a...
Webform Project Webform 7.x-3.0
Webform Project Webform 7.x-3.1
Webform Project Webform 7.x-3.10
Webform Project Webform 7.x-3.11
Webform Project Webform 7.x-4.3
Webform Project Webform 7.x-3.9
Webform Project Webform 7.x-3.8
Webform Project Webform 7.x-3.7
Webform Project Webform 7.x-3.20
Webform Project Webform 7.x-3.21
Webform Project Webform 7.x-3.19
Webform Project Webform 7.x-3.18
Webform Project Webform 7.x-4.0
Webform Project Webform 7.x-4.2
Webform Project Webform 7.x-3.6
Webform Project Webform 7.x-3.4
Webform Project Webform 7.x-3.13
Webform Project Webform 7.x-3.15
Webform Project Webform 7.x-3.16
Webform Project Webform 7.x-4.1
Webform Project Webform 7.x-3.5
Webform Project Webform 7.x-3.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »