Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 4.6 vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2007-0507
SQL injection vulnerability in the Acidfree module for Drupal prior to 4.6.x-1.0, and prior to 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles.
Drupal Acidfree 4.6 1.0
Drupal Acidfree 4.7 1.0
668
VMScore
CVE-2006-4108
SQL injection vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Drupal Bibliography Module
383
VMScore
CVE-2006-4109
Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Bibliography Module
668
VMScore
CVE-2006-4107
SQL injection vulnerability in the Job Search module (job.module) 4.6 before revision 1.3.2.1 in Drupal allows remote malicious users to execute arbitrary SQL commands via a job or resume search.
Drupal Job Search 4.6 Rev1.3.2
383
VMScore
CVE-2006-4949
Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory (profile_pages.module) prior to 1.1.2.1 and the Drupal 4.7 Site Profile Directory (profile_pages.module) prior to 1.2.2.1 allows remote malicious users to inject arbitrary web script or HTML via uns...
Drupal Site Profile Directory Module
312
VMScore
CVE-2008-5996
Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x prior to 5.x-1.5 and 6.x prior to 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter...
Link3 Simplenews
Link3 Simplenews 5.x-1.3
Link3 Simplenews 4.7.x-1.x-dev
Link3 Simplenews 4.6.x-1.x-dev
Link3 Simplenews 4.7.x-2.x-dev
Link3 Simplenews 5.x-1.x-dev
Link3 Simplenews 5.x-1.2
Link3 Simplenews 5.x-1.1
Link3 Simplenews 6.x-1.0
Link3 Simplenews 5.x-1.0
Link3 Simplenews 4.7.x-1.0
Link3 Simplenews 6.x-1.x-dev
312
VMScore
CVE-2010-2048
Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat module 6.x prior to 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Menhir Heartbeat 6.x-4.7
Menhir Heartbeat 6.x-4.6
Menhir Heartbeat 6.x-4.1
Menhir Heartbeat 6.x-4.0
Menhir Heartbeat 6.x-2.3
Menhir Heartbeat 6.x-4.5
Menhir Heartbeat 6.x-4.4
Menhir Heartbeat 6.x-4.x
Menhir Heartbeat 6.x-3.3
Menhir Heartbeat 6.x-4.8
Menhir Heartbeat 6.x-4.3
Menhir Heartbeat 6.x-4.2
Menhir Heartbeat 6.x-3.2
Menhir Heartbeat 6.x-3.x
383
VMScore
CVE-2009-4525
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.9 and 6.x prior to 6.x-1.9, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via crafted data in a list of links.
Joao Ventura Print 5.x-4.7
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 6.x-1.7
Joao Ventura Print 6.x-1.0
Joao Ventura Print 5.x-4.5
Joao Ventura Print 5.x-4.4
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.2
Joao Ventura Print 5.x-4.8
Joao Ventura Print 5.x-4.6
Joao Ventura Print 5.x-4.0
Joao Ventura Print 6.x-1.x
Joao Ventura Print 5.x-4.3
Joao Ventura Print 5.x-4.x
Joao Ventura Print 6.x-1.3
Joao Ventura Print 6.x-1.4
445
VMScore
CVE-2009-4526
The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.9 and 6.x prior to 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote malicious users to read page titles by requesting a &...
Joao Ventura Print 5.x-4.7
Joao Ventura Print 6.x-1.3
Joao Ventura Print 6.x-1.4
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 5.x-4.3
Joao Ventura Print 5.x-4.x
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.0
Joao Ventura Print 5.x-4.8
Joao Ventura Print 5.x-4.5
Joao Ventura Print 6.x-1.2
Joao Ventura Print 6.x-1.7
Joao Ventura Print 5.x-4.6
Joao Ventura Print 5.x-4.4
Joao Ventura Print 5.x-4.0
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.x
312
VMScore
CVE-2009-3210
Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.8 and 6.x prior to 6.x-1.8, a module for Drupal, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Joao Ventura Print 5.x-3.1
Joao Ventura Print 5.x-3.2
Joao Ventura Print 5.x-4.x-dev
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.x-dev
Joao Ventura Print 6.x-1.0
Joao Ventura Print 6.x-1.7
Joao Ventura Print 5.x-3.3
Joao Ventura Print 5.x-3.4
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.3
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.2
Joao Ventura Print 5.x-3.x-dev
Joao Ventura Print 5.x-3.0
Joao Ventura Print 5.x-3.7
Joao Ventura Print 5.x-4.0
Joao Ventura Print 5.x-4.7
Joao Ventura Print 5.x-2.2
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 5.x-3.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4