drupal
557 tracked vulnerabilities.
CVE-2008-0277
Drupal Fileshare Module - Authenticated Remote Code Execution
Jan 15, 2008
EPSS 0.02
CVE-2007-6752
Drupal < 7.12 - Cross-Site Request Forgery via User Logout URI
Mar 28, 2012
EPSS 0.04
CVE-2007-6320
Drupal Feature Module 4.7.x-dev and 5.x-dev before 20071206 - Cross-Site Request Forgery
Dec 12, 2007
EPSS 0.01
CVE-2007-6298
Drupal Shoutbox < 5.x-1.1 - Authenticated Cross-Site Scripting via Shoutbox Block Messages
Dec 10, 2007
EPSS 0.01
CVE-2007-6299
Drupal & vbDrupal <4.7.9, 5.x - SQL Injection
Dec 10, 2007
EPSS 0.02
CVE-2007-5621
Token module < 1.4 - Authenticated Cross-Site Scripting via Comments
Oct 22, 2007
EPSS 0.01
CVE-2007-5593
Drupal 5.x < 5.3 - Remote Code Execution via install.php Database Unreachable Vector
Oct 19, 2007
EPSS 0.04
CVE-2007-5594
Drupal 5.x < 5.3 - Cross-Site Request Forgery via User Deletion Form
Oct 19, 2007
EPSS 0.01
CVE-2007-5595
Drupal <4.7.8, <5.3 - CRLF Injection
Oct 19, 2007
EPSS 0.02
CVE-2007-5596
Drupal 4.7.0-4.7.7 - Stored Cross-Site Scripting via HTML File Upload
Oct 19, 2007
EPSS 0.02
CVE-2007-5597
Drupal 4.7.0-4.7.7 - Access Restriction Bypass via hook_comments API
Oct 19, 2007
EPSS 0.01
CVE-2007-5416
Drupal < 5.2 - Remote Code Execution via Callback Parameter Hash Collision
Oct 12, 2007
EPSS 0.04
CVE-2007-5228
Drupal Project Issue Tracking < 4.7.x-1.5/2.5, < 5.x-1.1 - Authenticated XSS via Subscription Form
Oct 05, 2007
EPSS 0.01
CVE-2007-4436
Drupal Project module <5.x-1.0, 4.7.x-2.3, 4.7.x-1.3 - Info Disclosure
Aug 20, 2007
EPSS 0.01
CVE-2007-4363
Drupal CCK <4.7.x-1.6 & 5.x-1.6 - XSS
Aug 15, 2007
EPSS 0.02
CVE-2007-4063
Drupal 5.x < 5.2 - Cross-Site Request Forgery via Forms API
Jul 30, 2007
EPSS 0.01
CVE-2007-4064
Drupal 4.7.x < 4.7.7 and 5.x < 5.2 - Cross-Site Scripting via PHP_SELF and Custom Content Type Names
Jul 30, 2007
EPSS 0.01
CVE-2007-3817
Drupal LoginToboggan Module < 4.7.x-1.0 - Cross-Site Scripting via Crafted Username
Jul 17, 2007
EPSS 0.01
CVE-2007-3818
Drupal LoginToboggan Module < 4.7.x-1.0 - Authenticated Cross-Site Scripting via Login Block Message
Jul 17, 2007
EPSS 0.01
CVE-2007-3689
Drupal Print module <4.7-1.0 & 5.x-1.2 - Info Disclosure
Jul 11, 2007
EPSS 0.02
CVE-2007-3690
Drupal Forward <4.7-1.1 & 5.x-1.0 - Info Disclosure
Jul 11, 2007
EPSS 0.02
CVE-2007-2159
Drupal Database Administration Module 4.6.x-* and 4.7.x-1.* < 4.7.x-1.2 - Cross-Site Scripting
Apr 22, 2007
EPSS 0.01
CVE-2007-2160
Drupal Database Administration Module 4.6.x-* and < 4.7.x-1.2 - Cross-Site Request Forgery
Apr 22, 2007
EPSS 0.01
CVE-2007-1368
Drupal <5.x-0.2-beta - Info Disclosure
Mar 09, 2007
EPSS 0.01
CVE-2007-1360
Drupal Nodefamily < 5.x-1.0 - Authenticated Profile Access and Modification
Mar 08, 2007
EPSS 0.02
Products
drupal 274
core 95
Drupal core 10
core-recommended 6
project_issue_tracking_module 6
print 5
aggregation_module 4
ai 4
everyblog 4
project 4
ubercart_module 4
AI (Artificial Intelligence) 3
Drupal Canvas 3
Drupal Core 3
OpenID Connect / OAuth client 3
content_construction_kit 3
drupal_project_issue_tracking 3
shindig-integrator 3
AI Agents 2
Advanced Content Feedback (aka admin_feedback) 2
Anti-Spam by CleanTalk 2
File Access Fix (deprecated) 2
FlowDrop 2
Login Disable 2
Paragraphs 2
SAML SSO - Service Provider 2
Tagify 2
activity 2
ajax_checklist 2
artificial_intelligence 2
Quick Filters