Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 4.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3689
The Print module prior to 4.7-1.0 and 5.x prior to 5.x-1.2 for Drupal allows remote malicious users to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.
Drupal Print Module
NA
CVE-2007-3690
The Forward module prior to 4.7-1.1 and 5.x prior to 5.x-1.0 for Drupal allows remote malicious users to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.
Drupal Forward Module
NA
CVE-2006-6530
SQL injection vulnerability in the Help Tip module prior to 4.7.x-1.0 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Drupal Help Tip Module
NA
CVE-2006-6531
Cross-site scripting (XSS) vulnerability in the Help Tip module prior to 4.7.x-1.0 for Drupal allows remote malicious users to inject arbitrary web script or HTML, and possibly obtain administrative access, via node titles.
Drupal Help Tip Module
NA
CVE-2007-5270
Unspecified vulnerability in the Boost module prior to 4.7.x-1.0, and 5.x prior to 5.x-1.0, for Drupal allows remote malicious users to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.
Bendiken Boost Module For Drupal
NA
CVE-2006-4949
Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory (profile_pages.module) prior to 1.1.2.1 and the Drupal 4.7 Site Profile Directory (profile_pages.module) prior to 1.2.2.1 allows remote malicious users to inject arbitrary web script or HTML via uns...
Drupal Site Profile Directory Module
NA
CVE-2011-4113
SQL injection vulnerability in the Views module prior to 6.x-2.13 for Drupal allows remote malicious users to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments."
Earl Miles Views 6.x-2.9
Earl Miles Views 6.x-2.8
Earl Miles Views 6.x-2.1
Earl Miles Views 6.x-2.0
Earl Miles Views 5.x-1.8
Earl Miles Views 5.x-1.7
Earl Miles Views 5.x-1.5
Earl Miles Views 5.x-1.4-2
Earl Miles Views 4.7.x-1.6
Earl Miles Views 4.7.x-1.2
Earl Miles Views 4.7.x-1.1
Earl Miles Views
Earl Miles Views 6.x-2.5
Earl Miles Views 6.x-2.4
Earl Miles Views 5.x-1.6
Earl Miles Views 6.x-2.11
Earl Miles Views 6.x-2.10
Earl Miles Views 6.x-2.3
Earl Miles Views 6.x-2.2
Earl Miles Views 6.x-2.x
Earl Miles Views 5.x-1.1
Earl Miles Views 5.x-1.0
NA
CVE-2007-1028
Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-dev prior to 2007-02-08 module for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to HTML entities and the IMG element.
Barry Jaspan Image Pager 4.7
Barry Jaspan Image Pager 5.0
NA
CVE-2008-5996
Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x prior to 5.x-1.5 and 6.x prior to 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter...
Link3 Simplenews
Link3 Simplenews 5.x-1.3
Link3 Simplenews 4.7.x-1.x-dev
Link3 Simplenews 4.6.x-1.x-dev
Link3 Simplenews 4.7.x-2.x-dev
Link3 Simplenews 5.x-1.x-dev
Link3 Simplenews 5.x-1.2
Link3 Simplenews 5.x-1.1
Link3 Simplenews 6.x-1.0
Link3 Simplenews 5.x-1.0
Link3 Simplenews 4.7.x-1.0
Link3 Simplenews 6.x-1.x-dev
NA
CVE-2009-3651
Cross-site scripting (XSS) vulnerability in the "Monitor browsers' feature in Browscap prior to 5.x-1.1 and 6.x-1.1, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Mikeryan Browscap 4.7.x-1.x-dev
Mikeryan Browscap 6.x-1.x-dev
Mikeryan Browscap
Mikeryan Browscap 5.x-1.x-dev
Mikeryan Browscap 6.x-1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »