Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2771
The Node Hierarchy module 5.x prior to 5.x-1.1 and 6.x prior to 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vect...
Drupal Drupal 5.0
Drupal Node Hierarchy Module 5
Drupal Node Hierarchy Module 6
Drupal Drupal 6.0
NA
CVE-2012-1642
includes/linkchecker.pages.inc in the Link checker module 6.x-2.x prior to 6.x-2.5 for Drupal does not properly enforce access permissions on broken links, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Yaml-fuer-drupal Linkchecker 6.x-2.0
Yaml-fuer-drupal Linkchecker 6.x-2.1
Yaml-fuer-drupal Linkchecker 6.x-2.2
Yaml-fuer-drupal Linkchecker 6.x-2.3
Yaml-fuer-drupal Linkchecker 6.x-2.4
Yaml-fuer-drupal Linkchecker 6.x-2.x
NA
CVE-2014-7870
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x prior to 6.x-1.12 and 7.x-1.x prior to 7.x-1.14 for Drupal allows remote authenticated users with the "administer custom search" permission to inject arbitrary web script or HTML via the "...
Drupal Custom Search Module 7.x-1.0
Drupal Custom Search Module 7.x-1.3
Drupal Custom Search Module 6.x-1.10
Drupal Custom Search Module 7.x-1.6
Drupal Custom Search Module 6.x-1.9
Drupal Custom Search Module 6.x-1.5
Drupal Custom Search Module 6.x-1.4
Drupal Custom Search Module 7.x-1.10
Drupal Custom Search Module 6.x-1.2
Drupal Custom Search Module 7.x-1.2
Drupal Custom Search Module 7.x-1.11
Drupal Custom Search Module 6.x-1.7
Drupal Custom Search Module 6.x-1.1
Drupal Custom Search Module 7.x-1.13
Drupal Custom Search Module 6.x-1.6
Drupal Custom Search Module 7.x-1.5
Drupal Custom Search Module 6.x-1.0
Drupal Custom Search Module 7.x-1.8
Drupal Custom Search Module 7.x-1.9
Drupal Custom Search Module 6.x-1.3
Drupal Custom Search Module 7.x-1.1
Drupal Custom Search Module 6.x-1.11
NA
CVE-2014-8745
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x prior to 6.x-1.13 and 7.x-1.x prior to 7.x-1.15 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a taxonomy voca...
Drupal Custom Search Module 7.x-1.0
Drupal Custom Search Module 7.x-1.3
Drupal Custom Search Module 6.x-1.10
Drupal Custom Search Module 7.x-1.6
Drupal Custom Search Module 6.x-1.9
Drupal Custom Search Module 6.x-1.5
Drupal Custom Search Module 6.x-1.12
Drupal Custom Search Module 6.x-1.4
Drupal Custom Search Module 7.x-1.10
Drupal Custom Search Module 7.x-1.14
Drupal Custom Search Module 6.x-1.2
Drupal Custom Search Module 7.x-1.2
Drupal Custom Search Module 7.x-1.11
Drupal Custom Search Module 6.x-1.7
Drupal Custom Search Module 6.x-1.1
Drupal Custom Search Module 7.x-1.13
Drupal Custom Search Module 6.x-1.6
Drupal Custom Search Module 7.x-1.5
Drupal Custom Search Module 6.x-1.0
Drupal Custom Search Module 7.x-1.8
Drupal Custom Search Module 7.x-1.9
Drupal Custom Search Module 6.x-1.3
9.8
CVSSv3
CVE-2011-2715
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.
Drupal Drupal 6.20
Drupal Data 6.x-1.0
6.1
CVSSv3
CVE-2011-2714
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
Drupal Drupal 6.20
Drupal Data 6.x-1.0
NA
CVE-2009-2074
Cross-site scripting (XSS) vulnerability in Nodequeue 5.x prior to 5.x-2.7 and 6.x prior to 6.x-2.2, a module for Drupal, allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via vocabulary names.
Drupal Nodequeue 5.x-2.0-rc
Drupal Nodequeue 5.x-2.0 Beta
Drupal Nodequeue 5.x-2.0 Rc1
Drupal Nodequeue 5.x-2.1
Drupal Nodequeue 5.x-2.2
Drupal Nodequeue 5.x-2.3
Drupal Nodequeue 5.x-2.4
Drupal Nodequeue 5.x-2.5
Drupal Nodequeue 5.x-2.6
Drupal Nodequeue 6.x-2.0
Drupal Nodequeue 6.x-2.0-rc1
Drupal Nodequeue 6.x-2.0-rc2
Drupal Nodequeue 6.x-2.1
NA
CVE-2009-2035
Unspecified vulnerability in Services 6.x prior to 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote malicious users to read or add keys and access unauthorized services via unspecified vectors.
Drupal Services Module For Drupal
Drupal Services Module For Drupal 6.x-0.12
NA
CVE-2014-8075
Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x and 7.x-3.x for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title.
Drupal Tribune 6.x-1.2
Drupal Tribune 7.x-3.0
Drupal Tribune 6.x-1.13
NA
CVE-2011-4560
Cross-site scripting (XSS) vulnerability in the Petition Node module 6.x-1.x prior to 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to signing a petition.
Drupal Petition Node Module 6.x-1.1
Drupal Petition Node Module 6.x-1.2
Drupal Petition Node Module 6.x-1.3
Drupal Petition Node Module 6.x-1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »