Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 4.6 vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2007-0507
SQL injection vulnerability in the Acidfree module for Drupal prior to 4.6.x-1.0, and prior to 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles.
Drupal Acidfree 4.6 1.0
Drupal Acidfree 4.7 1.0
7.5
CVSSv2
CVE-2006-4108
SQL injection vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Drupal Bibliography Module
4.3
CVSSv2
CVE-2006-4109
Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Bibliography Module
7.5
CVSSv2
CVE-2006-4107
SQL injection vulnerability in the Job Search module (job.module) 4.6 before revision 1.3.2.1 in Drupal allows remote malicious users to execute arbitrary SQL commands via a job or resume search.
Drupal Job Search 4.6 Rev1.3.2
4.3
CVSSv2
CVE-2006-4949
Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory (profile_pages.module) prior to 1.1.2.1 and the Drupal 4.7 Site Profile Directory (profile_pages.module) prior to 1.2.2.1 allows remote malicious users to inject arbitrary web script or HTML via uns...
Drupal Site Profile Directory Module
3.5
CVSSv2
CVE-2008-5996
Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x prior to 5.x-1.5 and 6.x prior to 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter...
Link3 Simplenews
Link3 Simplenews 5.x-1.3
Link3 Simplenews 4.7.x-1.x-dev
Link3 Simplenews 4.6.x-1.x-dev
Link3 Simplenews 4.7.x-2.x-dev
Link3 Simplenews 5.x-1.x-dev
Link3 Simplenews 5.x-1.2
Link3 Simplenews 5.x-1.1
Link3 Simplenews 6.x-1.0
Link3 Simplenews 5.x-1.0
Link3 Simplenews 4.7.x-1.0
Link3 Simplenews 6.x-1.x-dev
3.5
CVSSv2
CVE-2010-2048
Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat module 6.x prior to 6.x-4.9 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Menhir Heartbeat 6.x-4.7
Menhir Heartbeat 6.x-4.6
Menhir Heartbeat 6.x-4.1
Menhir Heartbeat 6.x-4.0
Menhir Heartbeat 6.x-2.3
Menhir Heartbeat 6.x-4.5
Menhir Heartbeat 6.x-4.4
Menhir Heartbeat 6.x-4.x
Menhir Heartbeat 6.x-3.3
Menhir Heartbeat 6.x-4.8
Menhir Heartbeat 6.x-4.3
Menhir Heartbeat 6.x-4.2
Menhir Heartbeat 6.x-3.2
Menhir Heartbeat 6.x-3.x
4.3
CVSSv2
CVE-2009-4525
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.9 and 6.x prior to 6.x-1.9, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via crafted data in a list of links.
Joao Ventura Print 5.x-4.7
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 6.x-1.7
Joao Ventura Print 6.x-1.0
Joao Ventura Print 5.x-4.5
Joao Ventura Print 5.x-4.4
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.2
Joao Ventura Print 5.x-4.8
Joao Ventura Print 5.x-4.6
Joao Ventura Print 5.x-4.0
Joao Ventura Print 6.x-1.x
Joao Ventura Print 5.x-4.3
Joao Ventura Print 5.x-4.x
Joao Ventura Print 6.x-1.3
Joao Ventura Print 6.x-1.4
5
CVSSv2
CVE-2009-4526
The Send by e-mail sub-module in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.9 and 6.x prior to 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote malicious users to read page titles by requesting a &...
Joao Ventura Print 5.x-4.7
Joao Ventura Print 6.x-1.3
Joao Ventura Print 6.x-1.4
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 5.x-4.3
Joao Ventura Print 5.x-4.x
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.0
Joao Ventura Print 5.x-4.8
Joao Ventura Print 5.x-4.5
Joao Ventura Print 6.x-1.2
Joao Ventura Print 6.x-1.7
Joao Ventura Print 5.x-4.6
Joao Ventura Print 5.x-4.4
Joao Ventura Print 5.x-4.0
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.x
3.5
CVSSv2
CVE-2009-3210
Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x prior to 5.x-4.8 and 6.x prior to 6.x-1.8, a module for Drupal, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Joao Ventura Print 5.x-3.1
Joao Ventura Print 5.x-3.2
Joao Ventura Print 5.x-4.x-dev
Joao Ventura Print 5.x-4.1
Joao Ventura Print 6.x-1.x-dev
Joao Ventura Print 6.x-1.0
Joao Ventura Print 6.x-1.7
Joao Ventura Print 5.x-3.3
Joao Ventura Print 5.x-3.4
Joao Ventura Print 5.x-4.2
Joao Ventura Print 5.x-4.3
Joao Ventura Print 6.x-1.1
Joao Ventura Print 6.x-1.2
Joao Ventura Print 5.x-3.x-dev
Joao Ventura Print 5.x-3.0
Joao Ventura Print 5.x-3.7
Joao Ventura Print 5.x-4.0
Joao Ventura Print 5.x-4.7
Joao Ventura Print 5.x-2.2
Joao Ventura Print 6.x-1.5
Joao Ventura Print 6.x-1.6
Joao Ventura Print 5.x-3.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4