drupal
557 tracked vulnerabilities.
CVE-2008-3741
Drupal 5.x < 5.10 and 6.x < 6.4 - Authenticated Cross-Site Scripting via File Upload MIME Type
Aug 27, 2008
EPSS 0.01
CVE-2008-3742
Drupal 5.x < 5.10 and 6.x < 6.4 - Authenticated Remote Code Execution via BlogAPI Module File Upload
Aug 27, 2008
EPSS 0.03
CVE-2008-3743
Drupal 6.x < 6.4 - Cross-Site Request Forgery via Cached Forms and AHAH Elements
Aug 27, 2008
EPSS 0.01
CVE-2008-3744
Drupal 5.x < 5.10 and 6.x < 6.4 - Cross-Site Request Forgery
Aug 27, 2008
EPSS 0.01
CVE-2008-3745
Drupal Upload module < 6.4 - Authenticated Unauthorized Node Edit and File Deletion
Aug 27, 2008
EPSS 0.01
CVE-2008-3500
Drupal Suggested Terms module 5.x - Authenticated Cross-Site Scripting via Taxonomy Terms
Aug 06, 2008
EPSS 0.01
CVE-2008-3218
Drupal 6.0-6.2 - Cross-Site Scripting via Taxonomy Term Preview and OpenID Values
Jul 18, 2008
EPSS 0.02
CVE-2008-3219
Drupal 5.x < 5.8 and 6.x < 6.3 - Cross-Site Scripting via Object HTML Tag
Jul 18, 2008
EPSS 0.02
CVE-2008-3220
Drupal 5.x < 5.8 and 6.x < 6.3 - Cross-Site Request Forgery via Translated Strings Deletion
Jul 18, 2008
EPSS 0.01
CVE-2008-3221
Drupal 6.x < 6.3 - Cross-Site Request Forgery via OpenID Identity Deletion
Jul 18, 2008
EPSS 0.01
CVE-2008-3222
Drupal 5.x < 5.9 and 6.x < 6.3 - Session Fixation
Jul 18, 2008
EPSS 0.03
CVE-2008-3223
Drupal 6.x < 6.3 - SQL Injection via Numeric Field Placeholder
Jul 18, 2008
EPSS 0.03
CVE-2008-3091
Drupal Taxonomy Autotagger Module < 5.x-1.8 - Authenticated Cross-Site Scripting
Jul 09, 2008
EPSS 0.01
CVE-2008-3092
Drupal Taxonomy Autotagger Module < 5.x-1.8 - Authenticated SQL Injection
Jul 09, 2008
EPSS 0.01
CVE-2008-3095
Drupal Organic Groups Module 5.x < 5.x-7.3 and 6.x < 6.x-1.0-RC1 - Authenticated Cross-Site Scripting
Jul 09, 2008
EPSS 0.01
CVE-2008-3096
Drupal Outline Designer Module - Privilege Escalation via Authentication Level Change
Jul 09, 2008
EPSS 0.01
CVE-2008-3097
Tinytax Taxonomy Block Module 5.x - Authenticated Cross-Site Scripting via Taxonomy Term
Jul 09, 2008
EPSS 0.01
CVE-2008-2998
Drupal Aggregation Module < 5.x-4.4 - Cross-Site Scripting
Jul 03, 2008
EPSS 0.01
CVE-2008-2999
Drupal Aggregation module 5.x < 5.x-4.4 - SQL Injection
Jul 03, 2008
EPSS 0.01
CVE-2008-3000
Drupal Aggregation Module 5.x - Unauthenticated Access Control Bypass
Jul 03, 2008
EPSS 0.01
CVE-2008-3001
Drupal Aggregation Module 5.x - Remote Code Execution via Crafted Feed File Upload
Jul 03, 2008
EPSS 0.03
CVE-2008-2849
TrailScout module < 5.x-1.4 - Authenticated Cross-Site Scripting
Jun 25, 2008
EPSS 0.01
CVE-2008-2850
Drupal Trailscout Module - SQL Injection
Jun 25, 2008
EPSS 0.01
CVE-2008-2771
Drupal Node Hierarchy Module - Unauthenticated Node Hierarchy Modification via Access Check Bypass
Jun 18, 2008
EPSS 0.01
CVE-2008-2772
Drupal Magic Tabs Module 5.x - Remote Code Execution via URL Argument Injection
Jun 18, 2008
EPSS 0.01
Products
drupal 274
core 95
Drupal core 10
core-recommended 6
project_issue_tracking_module 6
print 5
aggregation_module 4
ai 4
everyblog 4
project 4
ubercart_module 4
AI (Artificial Intelligence) 3
Drupal Canvas 3
Drupal Core 3
OpenID Connect / OAuth client 3
content_construction_kit 3
drupal_project_issue_tracking 3
shindig-integrator 3
AI Agents 2
Advanced Content Feedback (aka admin_feedback) 2
Anti-Spam by CleanTalk 2
File Access Fix (deprecated) 2
FlowDrop 2
Login Disable 2
Paragraphs 2
SAML SSO - Service Provider 2
Tagify 2
activity 2
ajax_checklist 2
artificial_intelligence 2
Quick Filters