Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 6.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6134
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Drupal Everyblog 6.0
Drupal Everyblog 5.0
NA
CVE-2008-6135
Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Drupal Everyblog 6.0
Drupal Everyblog 5.0
NA
CVE-2008-6137
EveryBlog 5.x and 6.x, a module for Drupal, allows remote malicious users to bypass access restrictions via unknown vectors.
Drupal Everyblog 6.0
Drupal Everyblog 5.0
8.1
CVSSv3
CVE-2016-3171
Drupal 6.x prior to 6.38, when used with PHP prior to 5.4.45, 5.5.x prior to 5.5.29, or 5.6.x prior to 5.6.13, might allow remote malicious users to execute arbitrary code via vectors related to session data truncation.
Drupal Drupal 6.37
Drupal Drupal 6.8
Drupal Drupal 6.36
Drupal Drupal 6.34
Drupal Drupal 6.28
Drupal Drupal 6.26
Drupal Drupal 6.2
Drupal Drupal 6.18
Drupal Drupal 6.13
Drupal Drupal 6.11
Drupal Drupal 6.0
Drupal Drupal 6.7
Drupal Drupal 6.6
Drupal Drupal 6.5
Drupal Drupal 6.4
Drupal Drupal 6.25
Drupal Drupal 6.24
Drupal Drupal 6.23
Drupal Drupal 6.22
Drupal Drupal 6.21
Drupal Drupal 6.1
Drupal Drupal 6.32
5.9
CVSSv3
CVE-2016-3166
CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x prior to 6.38, when used with PHP prior to 5.1.2, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submit...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Drupal Drupal 6.31
Drupal Drupal 6.30
Drupal Drupal 6.3
Drupal Drupal 6.29
Drupal Drupal 6.28
Drupal Drupal 6.16
Drupal Drupal 6.15
Drupal Drupal 6.14
Drupal Drupal 6.13
Drupal Drupal 6.0
Drupal Drupal 6.6
Drupal Drupal 6.5
Drupal Drupal 6.4
Drupal Drupal 6.36
Drupal Drupal 6.23
Drupal Drupal 6.22
Drupal Drupal 6.21
Drupal Drupal 6.20
Drupal Drupal 6.9
Drupal Drupal 6.7
7.4
CVSSv3
CVE-2016-3167
Open redirect vulnerability in the drupal_goto function in Drupal 6.x prior to 6.38, when used with PHP prior to 5.4.7, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a double-encoded URL in the "destination" para...
Drupal Drupal 6.36
Drupal Drupal 6.35
Drupal Drupal 6.34
Drupal Drupal 6.33
Drupal Drupal 6.20
Drupal Drupal 6.2
Drupal Drupal 6.19
Drupal Drupal 6.18
Drupal Drupal 6.0
Drupal Drupal 6.6
Drupal Drupal 6.4
Drupal Drupal 6.32
Drupal Drupal 6.30
Drupal Drupal 6.29
Drupal Drupal 6.24
Drupal Drupal 6.22
Drupal Drupal 6.16
Drupal Drupal 6.14
Drupal Drupal 6.37
Drupal Drupal 6.9
Drupal Drupal 6.8
Drupal Drupal 6.28
NA
CVE-2012-5651
Drupal 6.x prior to 6.27 and 7.x prior to 7.18 displays information for blocked users, which might allow remote malicious users to obtain sensitive information by reading the search results.
Drupal Drupal 6.0
Drupal Drupal 6.10
Drupal Drupal 6.5
Drupal Drupal 6.3
Drupal Drupal 6.23
Drupal Drupal 6.9
Drupal Drupal 6.25
Drupal Drupal 6.14
Drupal Drupal 6.13
Drupal Drupal 6.4
Drupal Drupal 6.17
Drupal Drupal 6.16
Drupal Drupal 6.6
Drupal Drupal 6.18
Drupal Drupal 6.11
Drupal Drupal 6.7
Drupal Drupal 6.20
Drupal Drupal 6.19
Drupal Drupal 6.12
Drupal Drupal 6.15
Drupal Drupal 6.8
Drupal Drupal 6.2
NA
CVE-2013-6385
The form API in Drupal 6.x prior to 6.29 and 7.x prior to 7.24, when used with unspecified third-party modules, performs form validation even when CSRF validation has failed, which might allow remote malicious users to trigger application-specific impacts such as arbitrary code e...
Drupal Drupal 6.0
Drupal Drupal 6.1
Drupal Drupal 6.10
Drupal Drupal 6.17
Drupal Drupal 6.18
Drupal Drupal 6.19
Drupal Drupal 6.25
Drupal Drupal 6.26
Drupal Drupal 6.7
Drupal Drupal 6.8
Drupal Drupal 6.13
Drupal Drupal 6.14
Drupal Drupal 6.21
Drupal Drupal 6.11
Drupal Drupal 6.12
Drupal Drupal 6.2
Drupal Drupal 6.20
Drupal Drupal 6.27
Drupal Drupal 6.28
Drupal Drupal 6.9
Drupal Drupal 6.22
Drupal Drupal 6.3
NA
CVE-2013-6386
Drupal 6.x prior to 6.29 and 7.x prior to 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote malicious users to predict security strings and bypass intended restrictions via a brute force attack.
Drupal Drupal 7.0
Drupal Drupal 7.11
Drupal Drupal 7.12
Drupal Drupal 7.19
Drupal Drupal 7.2
Drupal Drupal 7.x-dev
Drupal Drupal 7.23
Drupal Drupal 7.13
Drupal Drupal 7.14
Drupal Drupal 7.3
Drupal Drupal 7.4
Drupal Drupal 7.5
Drupal Drupal 7.22
Drupal Drupal 7.21
Drupal Drupal 7.15
Drupal Drupal 7.16
Drupal Drupal 7.6
Drupal Drupal 7.7
Drupal Drupal 7.20
Drupal Drupal 7.1
Drupal Drupal 7.10
Drupal Drupal 7.17
NA
CVE-2013-0245
The printer friendly version functionality in the Book module in Drupal 6.x prior to 6.28 and 7.x prior to 7.19 does not properly restrict access to node that are part of a book outline, which allows remote authenticated users with the "access printer-friendly version" ...
Drupal Drupal 6.27
Drupal Drupal 6.25
Drupal Drupal 6.15
Drupal Drupal 6.18
Drupal Drupal 6.22
Drupal Drupal 6.21
Drupal Drupal 6.0
Drupal Drupal 6.7
Drupal Drupal 6.26
Drupal Drupal 6.8
Drupal Drupal 6.2
Drupal Drupal 6.10
Drupal Drupal 6.24
Drupal Drupal 6.23
Drupal Drupal 6.4
Drupal Drupal 6.6
Drupal Drupal 6.13
Drupal Drupal 6.12
Drupal Drupal 6.20
Drupal Drupal 6.19
Drupal Drupal 6.17
Drupal Drupal 6.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »