drupal
509 tracked vulnerabilities.
CVE-2009-1505
Drupal News Page < 5.x-1.2 - Authenticated SQL Injection via Include Words Field
May 01, 2009
EPSS 0.01
CVE-2009-1344
Drupal Localization Client < 5.x-1.2 and < 6.x-1.7 - Cross-Site Scripting via Translation Functionality
Apr 20, 2009
EPSS 0.00
CVE-2009-1343
Drupal Print module 5.x < 5.x-4.5 and 6.x < 6.x-1.5 - Cross-Site Scripting via Content Titles
Apr 20, 2009
EPSS 0.00
CVE-2009-1342
CCK comment reference 6.x - Cross-Site Scripting via Comment Titles
Apr 20, 2009
EPSS 0.00
CVE-2009-1249
Feed element mapper 5.x < 5.x-1.1 - Cross-Site Scripting via Content Title
Apr 06, 2009
EPSS 0.00
CVE-2009-1069
Drupal Content Construction Kit < 6.x-2.2 - Cross-Site Scripting via Node Reference Titles and User Reference Names
Mar 26, 2009
EPSS 0.00
CVE-2009-1047
Drupal Printer, e-mail and PDF versions < 5.x-4.4 and 6.x-1.4 - Cross-Site Scripting via Send by e-mail Module
Mar 23, 2009
EPSS 0.00
CVE-2009-1037
Drupal Printer, e-mail and PDF < 5.x-4.4/6.x-1.4 - Unauthenticated Spam Flood via Send by e-mail
Mar 20, 2009
EPSS 0.00
CVE-2009-1036
Drupal Plus1 < 6.x-2.6 - Cross-Site Request Forgery
Mar 20, 2009
EPSS 0.00
CVE-2009-1034
Drupal Tasklist < 5.x-1.3 and 5.x-2.x < 5.x-2.0-alpha1 - SQL Injection via URI Values
Mar 20, 2009
EPSS 0.00
CVE-2009-0818
Drupal Taxonomy Theme <5.x-1.2 - XSS
Mar 05, 2009
EPSS 0.00
CVE-2009-0817
Drupal Protected Node Module < 5.x-1.4/6.x-1.5 - Authenticated XSS via Password Page
Mar 05, 2009
EPSS 0.00
CVE-2009-0603
Drupal 5.10 - Link module 5.x-2.5 - XSS
Feb 16, 2009
EPSS 0.00
CVE-2009-0575
Drupal Views Bulk Operations <5.x-1.3 & <6.x-1.4 - XSS
Feb 13, 2009
EPSS 0.00
CVE-2009-0382
Drupal i18n Translation <5.x-2.5 - Auth Bypass
Feb 02, 2009
EPSS 0.00
CVE-2008-6533
Drupal 5.x < 5.13 and 6.x < 6.7 - Cross-Site Scripting via Unfiltered Input Format Content
Mar 26, 2009
EPSS 0.00
CVE-2008-6532
Drupal 5.x < 5.13 and 6.x < 6.7 - Cross-Site Request Forgery in Update Feature
Mar 26, 2009
EPSS 0.00
CVE-2008-6384
Comment Mail 5.x < 5.x-1.1 - Cross-Site Request Forgery
Mar 02, 2009
EPSS 0.00
CVE-2008-6383
Drupal Storm < 5.x-1.14 and < 6.x-1.18 - Authenticated SQL Injection
Mar 02, 2009
EPSS 0.00
CVE-2008-6276
User Karma module < 5.x-1.13 and 6.x-1.0-beta1 - Authenticated SQL Injection via Content Type or Voting API Value
Feb 25, 2009
EPSS 0.00
CVE-2008-6275
Drupal User Karma Module < 5.x-1.12 - XSS
Feb 25, 2009
EPSS 0.00
CVE-2008-6229
Drupal CCK 5.x < 1.10 / 6.x < 2.0 - Authenticated XSS via Field Labels
Feb 20, 2009
EPSS 0.00
CVE-2008-6171
Drupal 5.x < 5.12 and 6.x < 6.6 - Remote Code Execution via HTTP Host Header
Feb 19, 2009
EPSS 0.03
CVE-2008-6170
Drupal 5.x < 5.12 and 6.x < 6.6 - Authenticated Cross-Site Scripting via Book Page Title
Feb 19, 2009
EPSS 0.00
CVE-2008-6169
Drupal Localization Client < 5.x-1.0 and 6.x < 6.x-1.6 - Cross-Site Request Forgery
Feb 19, 2009
EPSS 0.00
Products
drupal 273
core 91
core-recommended 6
project_issue_tracking_module 6
Drupal core 5
print 5
aggregation_module 4
ai 4
everyblog 4
project 4
ubercart_module 4
Drupal Core 3
OpenID Connect / OAuth client 3
content_construction_kit 3
drupal_project_issue_tracking 3
shindig-integrator 3
File Access Fix (deprecated) 2
activity 2
ajax_checklist 2
artificial_intelligence 2
bibliography_module 2
brilliant_gallery 2
chatroom_module 2
civictheme 2
cookies_consent_management 2
custom_search_module 2
data 2
database_administration_module 2
drupal_easylinks_module 2
google_tag 2
Quick Filters