Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2079
Cross-site scripting (XSS) vulnerability in the administrative page interface in Taxonomy manager 5.x prior to 5.x-1.2 and 6.x prior to 6.x-1.1, a module for Drupal, allows remote authenticated users, with administer taxonomy privileges or the ability to use free tagging to add t...
Drupal Taxonomy Manager 5.x-1.0
Drupal Taxonomy Manager 5.x-1.1
Drupal Taxonomy Manager 6.x-1.0
Drupal Taxonomy Manager 6.x-1.0-beta1
Drupal Taxonomy Manager 6.x-1.0-beta2
NA
CVE-2009-1069
Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content Construction Kit (CCK) 6.x prior to 6.x-2.2, a module for Drupal, allow remote malicious users to inject arbitrary web script or HTML via the (1) titles of candidate referenced nod...
Drupal Content Construction Kit 6.x-1.0
Drupal Content Construction Kit 6.x-1.x-dev
Drupal Content Construction Kit 6.x-2.0
Drupal Content Construction Kit 6.x-2.1
NA
CVE-2009-0817
Cross-site scripting (XSS) vulnerability in the Protected Node module 5.x prior to 5.x-1.4 and 6.x prior to 6.x-1.5, a module for Drupal, allows remote authenticated users with "administer site configuration" permissions to inject arbitrary web script or HTML via the Pa...
Drupal Protected Node Module 5.x
Drupal Protected Node Module 5.x-1.0
Drupal Protected Node Module 5.x-1.2
Drupal Protected Node Module 5.x-1.3
Drupal Protected Node Module 5.x-1.x-dev
Drupal Protected Node Module 6.x-1.0
Drupal Protected Node Module 6.x-1.2
Drupal Protected Node Module 6.x-1.3
Drupal Protected Node Module 6.x-1.4
NA
CVE-2009-1575
Cross-site scripting (XSS) vulnerability in Drupal 5.x prior to 5.17 and 6.x prior to 6.11, as used in vbDrupal prior to 5.17.0, allows remote malicious users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences before the Content-Type meta tag, which are treat...
Drupal Drupal 5.10
Drupal Drupal 5.4
Drupal Drupal 6.0
Drupal Drupal 6
Drupal Drupal 6.2
Drupal Drupal 5.13
Drupal Drupal 5.12
Drupal Drupal 5.2
Drupal Drupal 5.7
Drupal Drupal 6.4
Drupal Drupal 5.0
Drupal Drupal 5.1 Rev1.1
Drupal Drupal 5.16
Drupal Drupal 5.15
Drupal Drupal 6.7
Drupal Drupal 6.8
Drupal Drupal 6.1
Drupal Drupal 5.6
Drupal Drupal 5.1
Drupal Drupal 6.5
Drupal Drupal 5.5
Drupal Drupal 6.10
4.8
CVSSv3
CVE-2012-1637
Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x prior to 6.x-2.1, 6.x-3.x prior to 6.x-3.1, and 7.x-3.x prior to 7.x-3.3 for Drupal.
Drupal Quick Tabs 6.x-2.0
Drupal Quick Tabs 6.x-3.0
Drupal Quick Tabs 7.x-3.0
Drupal Quick Tabs 7.x-3.1
Drupal Quick Tabs 7.x-3.2
NA
CVE-2008-6020
SQL injection vulnerability in the Views module 6.x prior to 6.x-2.2 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."
Drupal Views
Drupal Views 6.x-2.0
NA
CVE-2008-4147
Cross-site scripting (XSS) vulnerability in the Mailsave module 5.x prior to 5.x-3.3 and 6.x prior to 6.x-1.3, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via an e-mail message with an attached file that has a modified Content-Type.
Drupal Mailsave 5.x-3.1
Drupal Mailsave 5.x-3.0
Drupal Mailsave
Drupal Mailsave 5.x-2.x-dev
Drupal Mailsave 6.x-1.1
Drupal Mailsave 5.x-1.0
Drupal Mailsave 5.x-3.x-dev
Drupal Mailsave 6.x-1.0
Drupal Mailsave 5.x-2.0
Drupal Mailsave 5.x-1.x-dev
NA
CVE-2009-0575
Cross-site scripting (XSS) vulnerability in the theme_views_bulk_operations_confirmation function in views_bulk_operations.module in Views Bulk Operations 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.4, a module for Drupal, allows remote malicious users to inject arbitrary web scr...
Drupal Views Bulk Operations 5.x-1.0beta5
Drupal Views Bulk Operations 6.x-1.2
Drupal Views Bulk Operations 6.x-1.1
Drupal Views Bulk Operations 5.x-1.0beta3
Drupal Views Bulk Operations 5.x-1.0beta4
Drupal Views Bulk Operations
Drupal Views Bulk Operations 5.x-1.0
Drupal Views Bulk Operations 5.x-1.0beta1
Drupal Views Bulk Operations 5.x-1.1
Drupal Views Bulk Operations 6.x-1.0
NA
CVE-2014-8077
Cross-site scripting (XSS) vulnerability in the NewsFlash theme 6.x-1.x prior to 6.x-1.7 and 7.x-1.x prior to 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font ...
Drupal Newsflash 7.x-2.4
Drupal Newsflash 7.x-1.x-dev
Drupal Newsflash 7.x-2.2
Drupal Newsflash 7.x-2.0
Drupal Newsflash 7.x-2.x-dev
Drupal Newsflash 6.x-1.6
Drupal Newsflash 6.x-1.x-dev
Drupal Newsflash 7.x-2.1
Drupal Newsflash 7.x-2.3
NA
CVE-2009-1342
Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x prior to 6.x-1.2, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via certain comment titles associated with a node edit form.
Drupal Cck Comment Reference 6.x
Drupal Cck Comment Reference 6.x-1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »