Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 4.7 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2007-2160
Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and prior to 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote malicious users to perform unauthorized actions as an arbitrary user, a related issue to CVE-200...
Drupal Database Administration Module 4.6
Drupal Database Administration Module 4.7
383
VMScore
CVE-2007-6320
Feature 4.7.x-dev and 5.x-dev prior to 20071206, a Drupal module, does not follow Drupal's Forms API submission model, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks.
Drupal Feature Module 4.7.x Dev
Drupal Feature Module 5.x Dev
668
VMScore
CVE-2007-1033
Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows remote malicious users to bypass access restrictions via a crafted URL.
Drupal Secure Site Module 5.0
Drupal Secure Site Module 4.7
383
VMScore
CVE-2007-4363
Multiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) prior to 4.7.x-1.6, and 5.x prior to 5.x-1.6 ,allow remote malicious users to inject arbitrary web script or HTML via nodereference fields, when using (1) the ...
Drupal Content Construction Kit 4.7
Drupal Content Construction Kit 5.2
890
VMScore
CVE-2008-0568
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote malicious users to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Drupal Secure Site Module 5.0
Drupal Secure Site Module 4.7
570
VMScore
CVE-2008-0569
The Comment Upload 4.7.x prior to 4.7.x-0.1 and 5.x prior to 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote malicious users to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspec...
Drupal Comment Upload Module 4.7
Drupal Comment Upload Module 5.0
668
VMScore
CVE-2006-6529
The Chatroom Module prior to 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last messages overview, which allows remote malicious users to obtain sensitive information by reading the overview.
Drupal Chatroom Module 4.7
668
VMScore
CVE-2006-5608
SQL injection vulnerability in Extended Tracker (xtracker) 4.7 prior to 1.5.2.1 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs."
Drupal Extended Tracker 4.7
668
VMScore
CVE-2007-6299
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x prior to 4.7.9 and 5.x prior to 5.4 allow remote malicious users to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ...
Drupal Drupal 4.4.1
Drupal Drupal 4.4.2
Drupal Drupal 4.5.5
Drupal Drupal 4.5.6
Drupal Drupal 4.6.2
Drupal Drupal 4.6.3
Drupal Drupal 4.7
Drupal Drupal 4.7.1
Drupal Drupal 4.7.8
Drupal Drupal 4.7 Rev1.15
Drupal Drupal 4.2.0 Rc
Drupal Drupal 4.4.0
Drupal Drupal 4.5.3
Drupal Drupal 4.5.4
Drupal Drupal 4.6.1
Drupal Drupal 4.6.10
Drupal Drupal 4.6.11
Drupal Drupal 4.6.8
Drupal Drupal 4.6.9
Drupal Drupal 4.7.6
Drupal Drupal 4.7.7
Drupal Drupal 4.0.0
383
VMScore
CVE-2008-0576
Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev prior to 20080130 in the 5.x-2.x series, 5.x-1.2 and previous versions in the 5.x-1.x series, 4.7.x-2.6 and previous versions in the 4.7.x-2.x series, and 4.7.x-1.6 and previous versions in ...
Drupal Project Issue Tracking Module 5
Drupal Project Issue Tracking Module 4.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »