drupal

509 tracked vulnerabilities.

CVE-2006-4947
Drupal 4.7 Search Keywords <1.15 - XSS
Sep 23, 2006
EPSS 0.01
CVE-2006-4949
Drupal Site Profile Directory Module - Cross-Site Scripting via Name and Title Parameters
Sep 23, 2006
EPSS 0.00
CVE-2006-4821
Drupal Userreview Module - Cross-Site Scripting
Sep 15, 2006
EPSS 0.01
CVE-2006-4717
Drupal 4.7-4.6 Pubcookie - Auth Bypass
Sep 12, 2006
EPSS 0.01
CVE-2006-4646
Drupal Pathauto Module - Cross-Site Scripting
Sep 08, 2006
EPSS 0.01
CVE-2006-4355
Drupal Easylinks Module < 1.5.2.1 - Cross-Site Scripting
Aug 27, 2006
EPSS 0.00
CVE-2006-4356
Drupal Easylinks Module < 1.5.2.1 - SQL Injection
Aug 27, 2006
EPSS 0.01
CVE-2006-4360
Drupal E-commerce Module - Authenticated Cross-Site Scripting
Aug 27, 2006
EPSS 0.00
CVE-2006-4120
Drupal Recipe Module < 1.53 - Cross-Site Scripting
Aug 14, 2006
EPSS 0.02
CVE-2006-4107
Drupal Job Search < 1.3.2.1 - SQL Injection via Job or Resume Search
Aug 14, 2006
EPSS 0.01
CVE-2006-4108
Drupal Bibliography Module < 4.5 - SQL Injection
Aug 14, 2006
EPSS 0.01
CVE-2006-4109
Drupal Bibliography Module < 4.5 - Cross-Site Scripting
Aug 14, 2006
EPSS 0.00
CVE-2006-4002
Drupal 4.6-4.6.8 and 4.7-4.7.2 - Cross-Site Scripting via User Module Msg Parameter
Aug 07, 2006
EPSS 0.01
CVE-2006-3570
Drupal 4.6-4.7 - Cross-Site Scripting in Webform Module
Jul 13, 2006
EPSS 0.00
CVE-2006-3473
Drupal Module <1.8.2.2 - CRLF Injection
Jul 10, 2006
EPSS 0.01
CVE-2006-2831
Drupal 4.6.x < 4.6.8 and 4.7.x < 4.7.2 - Remote Code Execution via Multiple Extension File Upload
Jun 06, 2006
EPSS 0.02
CVE-2006-2832
Drupal 4.6.x-4.6.7 and 4.7.x-4.7.1 - Cross-Site Scripting via Uploaded Filename
Jun 06, 2006
EPSS 0.01
CVE-2006-2833
Drupal 4.6.8 and 4.7.2 - Cross-Site Scripting in Taxonomy Module
Jun 06, 2006
EPSS 0.01
CVE-2006-2742
Drupal 4.6.x < 4.6.7 and 4.7.0 - SQL Injection via Count and From Variables
Jun 01, 2006
EPSS 0.01
CVE-2006-2743
Drupal 4.6.x < 4.6.7 and 4.7.0 - Arbitrary File Upload and Execution via Multiple File Extensions
Jun 01, 2006
EPSS 0.16
CVE-2006-2260
Drupal 4.5 and 4.6 - Cross-Site Scripting in Project Module
May 09, 2006
EPSS 0.00
CVE-2006-1225
Drupal <4.5.8, <4.6 - CRLF Injection
Mar 14, 2006
EPSS 0.01
CVE-2006-1226
Drupal 4.5.x-4.6.x - Cross-Site Scripting
Mar 14, 2006
EPSS 0.01
CVE-2006-1227
Drupal <4.5.8, <4.6 - Info Disclosure
Mar 14, 2006
EPSS 0.01
CVE-2006-1228
Drupal <4.5.8, <4.6 - Privilege Escalation
Mar 14, 2006
EPSS 0.02
Products
drupal 273 core 91 core-recommended 6 project_issue_tracking_module 6 Drupal core 5 print 5 aggregation_module 4 ai 4 everyblog 4 project 4 ubercart_module 4 Drupal Core 3 OpenID Connect / OAuth client 3 content_construction_kit 3 drupal_project_issue_tracking 3 shindig-integrator 3 File Access Fix (deprecated) 2 activity 2 ajax_checklist 2 artificial_intelligence 2 bibliography_module 2 brilliant_gallery 2 chatroom_module 2 civictheme 2 cookies_consent_management 2 custom_search_module 2 data 2 database_administration_module 2 drupal_easylinks_module 2 google_tag 2
Quick Filters
Critical CVEs With Exploits In CISA KEV