This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:drupal:drupal:4.6.2
Detail
VendorDrupalFirst view 2005-12-03
ProductDrupalLast view 2012-03-28
Version4.6.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:drupal:drupal

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.82012-03-28CVE-2007-6752NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0276NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0273NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0272NetworkMediumNone Requ...
7.52007-12-10CVE-2007-6299NetworkLowNone Requ...
Hide | Show 14 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
3.52007-01-08CVE-2007-0124NetworkMediumRequires ...
2.62006-10-24CVE-2006-5477NetworkHighNone Requ...
7.52006-10-24CVE-2006-5476NetworkLowNone Requ...
6.82006-10-24CVE-2006-5475NetworkMediumNone Requ...
4.32006-08-07CVE-2006-4002NetworkMediumNone Requ...
2.62006-06-05CVE-2006-2832NetworkHighNone Requ...
7.52006-06-05CVE-2006-2831NetworkLowNone Requ...
5.12006-06-01CVE-2006-2743NetworkHighNone Requ...
7.52006-06-01CVE-2006-2742NetworkLowNone Requ...
4.32006-05-09CVE-2006-2260NetworkMediumNone Requ...
4.62006-03-14CVE-2006-1227LocalLowNone Requ...
42005-12-03CVE-2005-3975NetworkLowRequires ...
6.42005-12-03CVE-2005-3974NetworkLowNone Requ...
4.32005-12-03CVE-2005-3973NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (2)CWE-352Cross-Site Request Forgery (CSRF)
33% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
16% (1)CWE-20Improper Input Validation

Open Source Vulnerability Database (OSVDB)

idDescription
42164Drupal Browser Interpretation Conflict (MSIE 6) UTF-8 XSS
42163Drupal Aggregator Module CSRF Feed Item Deletion
42023Devel Module for Drupal site Parameter XSS
39649Drupal taxonomy_select_nodes() Function SQL Injection
32131Drupal Page Cache Poisoning 404 Page DoS
Hide | Show 15 More...
idDescription
29927Drupal Form Action Attribute Injection
29926Drupal Unspecified CSRF
29922Drupal XML Parser RSS Feed XSS
27754Drupal user.module msg Parameter XSS
27595Drupal upload.module Filename XSS
27593Drupal database.mysqli.inc Multiple Parameter SQL Injection
27592Drupal database.pgsql.inc Multiple Parameter SQL Injection
25910Drupal File Upload Multiple Extension Restriction Bypass
25909Drupal on Apache files Directory File Upload Arbitrary Code Execution
25908Drupal database.mysql.inc Multiple Parameter SQL Injection
25450Drupal project.module XSS
23909Drupal menu.module Menu Item Creation Page Restriction Bypass
21351Drupal Multiple HTML/SGML Tag XSS
21350Drupal Access User Profile Access Remote Bypass
20248Microsoft IE Embedded Content Processing XSS

Milw0rm Exploits

idDescription
2006-05-24Drupal <= 4.7 (attachment mod_mime) Remote Exploit

OpenVAS Exploits

idDescription
2009-04-09Name : Mandriva Update for madwifi-source MDKSA-2007:132 (madwifi-source)
File : nvt/gb_mandriva_MDKSA_2007_132.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-4163
File : nvt/gb_fedora_2007_4163_drupal_fc8.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-4136
File : nvt/gb_fedora_2007_4136_drupal_fc7.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal51.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal52.nasl
Hide | Show 8 More...
idDescription
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal53.nasl
2008-09-04Name : FreeBSD Ports: drupal
File : nvt/freebsd_drupal0.nasl
2008-09-04Name : FreeBSD Ports: drupal
File : nvt/freebsd_drupal2.nasl
2008-01-17Name : Debian Security Advisory DSA 1125-1 (drupal)
File : nvt/deb_1125_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1125-2 (drupal)
File : nvt/deb_1125_2.nasl
2008-01-17Name : Debian Security Advisory DSA 958-1 (drupal)
File : nvt/deb_958_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1147-1 (drupal)
File : nvt/deb_1147_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1007-1 (drupal)
File : nvt/deb_1007_1.nasl

Nessus® Vulnerability Scanner

idDescription
2008-01-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6f736456c06011dc982e001372fd0af2.nasl - Type : ACT_GATHER_INFO
2008-01-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4451a4c9c05e11dc982e001372fd0af2.nasl - Type : ACT_GATHER_INFO
2007-12-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_fa708908a8c711dcb41d000fb5066b20.nasl - Type : ACT_GATHER_INFO
2007-12-11Name : The remote Fedora host is missing a security update.
File : fedora_2007-4136.nasl - Type : ACT_GATHER_INFO
2007-12-11Name : The remote Fedora host is missing a security update.
File : fedora_2007-4163.nasl - Type : ACT_GATHER_INFO
Hide | Show 6 More...
idDescription
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1007.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-925.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1125.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-958.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1147.nasl - Type : ACT_GATHER_INFO
2006-06-06Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_40a0185fec3211dabe02000c6ec775d9.nasl - Type : ACT_GATHER_INFO