Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 5.x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0277
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
Drupal Fileshare Module 4.7.x
Drupal Fileshare Module 5.x
NA
CVE-2008-5998
Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist module 5.x prior to 5.x-1.1 for Drupal allow remote authenticated users, with "update ajax checklists" permissions, to execute arbitrary SQL commands via a save operation, r...
Drupal Ajax Checklist 5.x-1.0
1 EDB exploit
NA
CVE-2009-0603
Cross-site scripting (XSS) vulnerability in index.php in the Link module 5.x-2.5 for Drupal 5.10 allows remote authenticated users, with "administer content types" privileges, to inject arbitrary web script or HTML via the description parameter (aka the Help field). NOT...
Drupal Link Module 5.x-2.5
NA
CVE-2008-5999
Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x prior to 5.x-1.1 for Drupal allows remote authenticated users, with create and edit permissions for posts, to inject arbitrary web script or HTML via unspecified vectors involving the ajax_checklist filter.
Drupal Ajax Checklist 5.x-1.0
NA
CVE-2008-2850
SQL injection vulnerability in the TrailScout module 5.x prior to 5.x-1.4 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
Drupal Trailscout Module 5.x 1.3
Drupal Trailscout Module 5.x
Drupal Trailscout Module 5.x 1.0
Drupal Trailscout Module 5.x 1.1
Drupal Trailscout Module 5.x 1.2
NA
CVE-2008-4149
Cross-site scripting (XSS) vulnerability in the Greg Holsclaw Link to Us module 5.x prior to 5.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link page header" field.
Drupal Link To Us
Drupal Link To Us 5.x-1.x-dev
NA
CVE-2008-0823
Unspecified vulnerability in the Header Image Module prior to 5.x-1.1 for Drupal allows remote malicious users to access the administration pages via unknown attack vectors.
Drupal Header Image 5.x-1.0
NA
CVE-2009-1942
Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x prior to 6.x-2.2, and 6.x-3.x prior to 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified ve...
Drupal Quiz 6.x-2.1
Drupal Quiz 6.x-2.0
Drupal Quiz 6.x-3.0
Drupal Quiz 6.x-2.x
Drupal Quiz 6.x-3.x
Drupal Quiz 5.x
NA
CVE-2009-4066
Multiple cross-site request forgery (CSRF) vulnerabilities in the "My Account" feature in PHPList Integration module 5 prior to 5.x-1.2 and 6 prior to 6.x-1.1 for Drupal allow remote malicious users to hijack the authentication of arbitrary users via vectors related to ...
Drupal Drupal
Paul Beaney Phplist 5.x-1.x
Paul Beaney Phplist 6.x-1.x
Paul Beaney Phplist 6.x-1.0
Paul Beaney Phplist 5.x-1.0
Paul Beaney Phplist 5.x-1.1
NA
CVE-2010-3022
Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x prior to 5.x-1.3 and 6.x prior to 6.x-1.21 for Drupal allows remote authenticated users, with add url aliases and report access permissions, to inject arbitrary web script or HTML v...
Drupal Devel Module
Drupal Devel Module 6.x-1.19
Drupal Devel Module 6.x-1.11
Drupal Devel Module 6.x-1.10
Drupal Devel Module 6.x-1.3
Drupal Devel Module 6.x-1.1
Drupal Devel Module 6.x-1.13
Drupal Devel Module 6.x-1.12
Drupal Devel Module 6.x-1.5
Drupal Devel Module 6.x-1.4
Drupal Devel Module 5.x-1.1
Drupal Devel Module 5.x-1.0
Drupal Devel Module 6.x-1.18
Drupal Devel Module 6.x-1.17
Drupal Devel Module 6.x-1.16
Drupal Devel Module 6.x-1.9
Drupal Devel Module 6.x-1.8
Drupal Devel Module 6.x-1.0
Drupal Devel Module 6.x-1.2
Drupal Devel Module 6.x-1.15
Drupal Devel Module 6.x-1.14
Drupal Devel Module 6.x-1.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »