Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6136
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote malicious users to gain privileges as another user or an administrator via unknown attack vectors.
Drupal Everyblog 5.0
Drupal Everyblog 6.0
7.5
CVSSv2
CVE-2008-6020
SQL injection vulnerability in the Views module 6.x prior to 6.x-2.2 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."
Drupal Views
Drupal Views 6.x-2.0
7.5
CVSSv2
CVE-2008-4793
The node module API in Drupal 5.x prior to 5.11 allows remote malicious users to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.
Drupal Drupal 5.4
Drupal Drupal 5.3
Drupal Drupal 5.0
Drupal Drupal 5.9
Drupal Drupal 5.2
Drupal Drupal 5.1
Drupal Drupal 5.8
Drupal Drupal 5.7
Drupal Drupal
Drupal Drupal 5.6
Drupal Drupal 5.5
7.5
CVSSv2
CVE-2008-4597
Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote malicious users to gain privileges via unspecified vectors.
Drupal Shindig-integrator 5
Drupal Shindig-integrator
7.5
CVSSv2
CVE-2008-4598
Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597.
Drupal Shindig-integrator
Drupal Shindig-integrator 5
7.5
CVSSv2
CVE-2008-4531
SQL injection vulnerability in Brilliant Gallery 5.x prior to 5.x-4.2, a module for Drupal, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338.
Drupal Brilliant Gallery 5.x-3.2
Drupal Brilliant Gallery 5.x-3.1
Drupal Brilliant Gallery 5.x-2.11
Drupal Brilliant Gallery 5.x-2.10
Drupal Brilliant Gallery 5.x-2.3
Drupal Brilliant Gallery 5.x-2.2
Drupal Brilliant Gallery
Drupal Brilliant Gallery 5.x-2.16
Drupal Brilliant Gallery 5.x-2.15
Drupal Brilliant Gallery 5.x-2.7
Drupal Brilliant Gallery 5.x-2.6
Drupal Brilliant Gallery 5.x-1.1
Drupal Brilliant Gallery 5.x-1.0
Drupal Brilliant Gallery 5.x-3.0
Drupal Brilliant Gallery 5.x-2.17
Drupal Brilliant Gallery 5.x-2.9
Drupal Brilliant Gallery 5.x-2.8
Drupal Brilliant Gallery 5.x-2.1
Drupal Brilliant Gallery 5.x-1.2
Drupal Brilliant Gallery 5.x-4.0
Drupal Brilliant Gallery 5.x-3.3
Drupal Brilliant Gallery 5.x-2.14
7.5
CVSSv2
CVE-2008-4148
SQL injection vulnerability in the Mailhandler module 5.x prior to 5.x-1.4 and 6.x prior to 6.x-1.4, a module for Drupal, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API.
Drupal Mailhandler
Drupal Mailhandler 6.x-1.2
Drupal Mailhandler 5.x-1.0
Drupal Mailhandler 5.x-1.x-dev
Drupal Mailhandler 5.x-1.2
Drupal Mailhandler 5.x-1.1
Drupal Mailhandler 6.x-1.x-dev
Drupal Mailhandler 6.x-1.1
Drupal Mailhandler 6.x-1.0
7.5
CVSSv2
CVE-2008-3223
SQL injection vulnerability in the Schema API in Drupal 6.x prior to 6.3 allows remote malicious users to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
Drupal Drupal
Fedoraproject Fedora 8
Fedoraproject Fedora 9
7.5
CVSSv2
CVE-2008-2999
Multiple SQL injection vulnerabilities in the Aggregation module 5.x prior to 5.x-4.4 for Drupal allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Drupal Aggregation Module 4.3
Drupal Aggregation Module 3.2
Drupal Aggregation Module 4.0
Drupal Drupal 5.2
Drupal Drupal 5.3
Drupal Drupal 5.0
Drupal Drupal 5.7
Drupal Aggregation Module 3.0
Drupal Aggregation Module 3.1
Drupal Drupal 5.1
Drupal Drupal 5.1 Rev1.1
Drupal Aggregation Module 4.1
Drupal Aggregation Module 4.2
Drupal Drupal 5.4
Drupal Drupal 5.5.
7.5
CVSSv2
CVE-2008-2850
SQL injection vulnerability in the TrailScout module 5.x prior to 5.x-1.4 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
Drupal Trailscout Module 5.x 1.3
Drupal Trailscout Module 5.x
Drupal Trailscout Module 5.x 1.0
Drupal Trailscout Module 5.x 1.1
Drupal Trailscout Module 5.x 1.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »