drupal

509 tracked vulnerabilities.

CVE-2007-1368
Drupal <5.x-0.2-beta - Info Disclosure
Mar 09, 2007
EPSS 0.00
CVE-2007-1360
Drupal Nodefamily < 5.x-1.0 - Authenticated Profile Access and Modification
Mar 08, 2007
EPSS 0.02
CVE-2007-1033
Drupal Secure Site Module 4.7.x-1.x-dev and 5.x-1.x-dev - Access Restriction Bypass via Crafted URL
Feb 21, 2007
EPSS 0.00
CVE-2007-1035
Drupal Audio Module - Arbitrary File Read, Delete, and Write via getID3 Demonstration Scripts
Feb 21, 2007
EPSS 0.01
CVE-2007-0658
Drupal Textimage/Captcha <4.7-1.2,5.x-1.1 - Auth Bypass
Feb 01, 2007
EPSS 0.01
CVE-2007-0626
Drupal 4.7.0-4.7.5 - Authenticated Remote Code Execution via Comment Preview
Jan 31, 2007
EPSS 0.05
CVE-2007-0534
Drupal Project and Project Issue Tracking Module <5 - Authenticated Cross-Site Scripting
Jan 26, 2007
EPSS 0.01
CVE-2007-0505
Drupal Project Issue Tracking Module 4.7.0-5.x - Authenticated Arbitrary Code Execution via File Upload
Jan 26, 2007
EPSS 0.03
CVE-2007-0506
Drupal Project Issue Tracking Module 4.7.0-5.x - Authenticated Access Control Bypass via Filename Guessing
Jan 26, 2007
EPSS 0.00
CVE-2007-0507
Drupal Acidfree < 4.6.x-1.0 and < 4.7.x-1.0 - Authenticated SQL Injection via Node Titles
Jan 26, 2007
EPSS 0.01
CVE-2007-0136
Drupal 4.6.0-4.6.10 - Cross-Site Scripting in Filter and System Modules
Jan 09, 2007
EPSS 0.01
CVE-2007-0124
Drupal < 4.6.11 and 4.7 < 4.7.5 - Authenticated Denial of Service via Page Cache Poisoning
Jan 09, 2007
EPSS 0.01
CVE-2006-7109
Drupal IMCE Module < 1.5 - Authenticated Arbitrary File Upload via Double Extension
Mar 05, 2007
EPSS 0.01
CVE-2006-7110
Drupal IMCE Module < 1.5 - Authenticated Directory Traversal via Delete Function
Mar 05, 2007
EPSS 0.02
CVE-2006-6646
Drupal Project Issue Tracking 4.7.x-1.0-2.0 and Project 4.6.x-1.0-4.7.x-2.0 - Cross-Site Scripting
Dec 20, 2006
EPSS 0.01
CVE-2006-6647
Drupal MySite 4.7.x-3.3 and 5.x-1.3 - Cross-Site Scripting via Title Field
Dec 20, 2006
EPSS 0.01
CVE-2006-6528
Drupal Chatroom Module <4.7.x-1.0 - Info Disclosure
Dec 14, 2006
EPSS 0.01
CVE-2006-6529
Drupal Chatroom Module <4.7.x - Info Disclosure
Dec 14, 2006
EPSS 0.01
CVE-2006-6530
Drupal Help Tip Module < 4.7 - SQL Injection
Dec 14, 2006
EPSS 0.01
CVE-2006-6531
Drupal Help Tip Module < 4.7 - Cross-Site Scripting via Node Titles
Dec 14, 2006
EPSS 0.01
CVE-2006-6386
CVS management/tracker <4.7.0 - XSS
Dec 08, 2006
EPSS 0.01
CVE-2006-5608
Drupal Extended Tracker < 1.5.2.1 - SQL Injection via URL Parameters
Oct 30, 2006
EPSS 0.01
CVE-2006-5475
Drupal 4.6.x-4.7.x - Cross-Site Scripting via RSS Feed XML Parser
Oct 24, 2006
EPSS 0.02
CVE-2006-5476
Drupal 4.6.x-4.6.9 and 4.7.x-4.7.3 - Cross-Site Request Forgery
Oct 24, 2006
EPSS 0.01
CVE-2006-5477
Drupal 4.6.x-4.6.9 and 4.7.x-4.7.3 - Unauthenticated Form Information Disclosure via Redirect
Oct 24, 2006
EPSS 0.01
Products
drupal 273 core 91 core-recommended 6 project_issue_tracking_module 6 Drupal core 5 print 5 aggregation_module 4 ai 4 everyblog 4 project 4 ubercart_module 4 Drupal Core 3 OpenID Connect / OAuth client 3 content_construction_kit 3 drupal_project_issue_tracking 3 shindig-integrator 3 File Access Fix (deprecated) 2 activity 2 ajax_checklist 2 artificial_intelligence 2 bibliography_module 2 brilliant_gallery 2 chatroom_module 2 civictheme 2 cookies_consent_management 2 custom_search_module 2 data 2 database_administration_module 2 drupal_easylinks_module 2 google_tag 2
Quick Filters
Critical CVEs With Exploits In CISA KEV