drupal

509 tracked vulnerabilities.

CVE-2010-3094
Drupal 6.0-6.17 - Authenticated Cross-Site Scripting via Action Description or Message
Sep 21, 2010
EPSS 0.00
CVE-2010-3093
Drupal 5.x < 5.23 and 6.x < 6.18 - Authenticated Comment Reinstatement via Crafted URL
Sep 21, 2010
EPSS 0.00
CVE-2010-3092
Drupal 5.x < 5.23 and 6.x < 6.18 - Authenticated File Download Restriction Bypass via Case-Insensitive Filename Handling
Sep 21, 2010
EPSS 0.00
CVE-2010-3022
Drupal Devel Module < 5.x-1.3 and 6.x < 6.x-1.21 - Authenticated Cross-Site Scripting via Node Paths
Aug 16, 2010
EPSS 0.00
CVE-2009-4602
Drupal Randomizer 5.x-1.0 and 6.x-1.0 - Cross-Site Scripting
Jan 12, 2010
EPSS 0.00
CVE-2009-4371
Drupal Core 6.14-6.15 - Authenticated Cross-Site Scripting in Locale Module
Dec 21, 2009
EPSS 0.00
CVE-2009-4370
Drupal Core 6.x < 6.15 - Authenticated Cross-Site Scripting in Menu Description
Dec 21, 2009
EPSS 0.00
CVE-2009-4369
Drupal Core 5.x < 5.21 and 6.x < 6.15 - Authenticated Cross-Site Scripting in Contact Category Name
Dec 21, 2009
EPSS 0.00
CVE-2009-4066
PHPList Integration module <5.x-1.2,6.x-1.1 - CSRF
Nov 24, 2009
EPSS 0.00
CVE-2009-3479
Bibliography Module for Drupal - Cross-Site Scripting via Title Field
Sep 30, 2009
EPSS 0.00
CVE-2009-3352
Drupal Quota by Role - Unspecified Vuln
Sep 24, 2009
EPSS 0.01
CVE-2009-3156
Drupal Date module 6.x < 6.x-2.3 - Authenticated Cross-Site Scripting via Content Type Label Field
Sep 10, 2009
EPSS 0.00
CVE-2009-2374
Drupal 5.x < 5.19 and 6.x < 6.13 - Information Exposure via Failed Login Links
Jul 08, 2009
EPSS 0.00
CVE-2009-2373
Drupal 6.x < 6.13 - Cross-Site Scripting in Forum Module
Jul 08, 2009
EPSS 0.00
CVE-2009-2372
Drupal 6.0-6.12 - Authenticated Code Injection via User Signature
Jul 08, 2009
EPSS 0.01
CVE-2009-2079
Taxonomy manager 5.x < 5.x-1.2 and 6.x < 6.x-1.1 - Cross-Site Scripting
Jun 16, 2009
EPSS 0.00
CVE-2009-2076
Drupal Views < 6.x-2.6 - Authenticated Cross-Site Scripting via Exposed Filters and View Name Parameter
Jun 16, 2009
EPSS 0.00
CVE-2009-2074
Nodequeue <5.x-2.7 & <6.x-2.2 - XSS
Jun 16, 2009
EPSS 0.00
CVE-2009-2035
Services 6.x <0.14 - Info Disclosure
Jun 12, 2009
EPSS 0.00
CVE-2009-1942
Drupal Quiz <6.x-2.2, <6.x-3.0 - XSS
Jun 05, 2009
EPSS 0.00
CVE-2009-1844
Drupal 5.x < 5.18 and 6.x < 6.12 - Authenticated Cross-Site Scripting via UTF-8 Byte Sequences and Taxonomy Help Text
Jun 01, 2009
EPSS 0.00
CVE-2009-1823
Drupal Print module 5.x < 5.x-4.7 and 6.x < 6.x-1.7 - Cross-Site Scripting via UTF-7 Encoding Bypass
May 29, 2009
EPSS 0.01
CVE-2009-1576
Drupal 5.x < 5.17 and 6.x < 6.11 - Information Disclosure via Crafted URL
May 06, 2009
EPSS 0.01
CVE-2009-1575
Drupal 5.x < 5.17 and 6.x < 6.11 - Cross-Site Scripting via UTF-8 Byte Sequence Bypass
May 06, 2009
EPSS 0.01
CVE-2009-1507
Drupal Nodeaccess Userreference - Access Control
May 01, 2009
EPSS 0.00
Products
drupal 273 core 91 core-recommended 6 project_issue_tracking_module 6 Drupal core 5 print 5 aggregation_module 4 ai 4 everyblog 4 project 4 ubercart_module 4 Drupal Core 3 OpenID Connect / OAuth client 3 content_construction_kit 3 drupal_project_issue_tracking 3 shindig-integrator 3 File Access Fix (deprecated) 2 activity 2 ajax_checklist 2 artificial_intelligence 2 bibliography_module 2 brilliant_gallery 2 chatroom_module 2 civictheme 2 cookies_consent_management 2 custom_search_module 2 data 2 database_administration_module 2 drupal_easylinks_module 2 google_tag 2
Quick Filters
Critical CVEs With Exploits In CISA KEV