This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:drupal:drupal:4.6.2
Detail
VendorDrupalFirst view 2005-12-03
ProductDrupalLast view 2012-03-28
Version4.6.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:drupal:drupal

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.8 2012-03-28 CVE-2007-6752 Network Medium None Requ...
4.3 2008-01-15 CVE-2008-0276 Network Medium None Requ...
4.3 2008-01-15 CVE-2008-0273 Network Medium None Requ...
4.3 2008-01-15 CVE-2008-0272 Network Medium None Requ...
7.5 2007-12-10 CVE-2007-6299 Network Low None Requ...
Hide | Show 14 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
3.5 2007-01-08 CVE-2007-0124 Network Medium Requires ...
2.6 2006-10-24 CVE-2006-5477 Network High None Requ...
7.5 2006-10-24 CVE-2006-5476 Network Low None Requ...
6.8 2006-10-24 CVE-2006-5475 Network Medium None Requ...
4.3 2006-08-07 CVE-2006-4002 Network Medium None Requ...
2.6 2006-06-05 CVE-2006-2832 Network High None Requ...
7.5 2006-06-05 CVE-2006-2831 Network Low None Requ...
5.1 2006-06-01 CVE-2006-2743 Network High None Requ...
7.5 2006-06-01 CVE-2006-2742 Network Low None Requ...
4.3 2006-05-09 CVE-2006-2260 Network Medium None Requ...
4.6 2006-03-14 CVE-2006-1227 Local Low None Requ...
4 2005-12-03 CVE-2005-3975 Network Low Requires ...
6.4 2005-12-03 CVE-2005-3974 Network Low None Requ...
4.3 2005-12-03 CVE-2005-3973 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
33% (2)CWE-352Cross-Site Request Forgery (CSRF)
33% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
16% (1)CWE-20Improper Input Validation

Open Source Vulnerability Database (OSVDB)

idDescription
42164Drupal Browser Interpretation Conflict (MSIE 6) UTF-8 XSS
42163Drupal Aggregator Module CSRF Feed Item Deletion
42023Devel Module for Drupal site Parameter XSS
39649Drupal taxonomy_select_nodes() Function SQL Injection
32131Drupal Page Cache Poisoning 404 Page DoS
Hide | Show 15 More...
idDescription
29927Drupal Form Action Attribute Injection
29926Drupal Unspecified CSRF
29922Drupal XML Parser RSS Feed XSS
27754Drupal user.module msg Parameter XSS
27595Drupal upload.module Filename XSS
27593Drupal database.mysqli.inc Multiple Parameter SQL Injection
27592Drupal database.pgsql.inc Multiple Parameter SQL Injection
25910Drupal File Upload Multiple Extension Restriction Bypass
25909Drupal on Apache files Directory File Upload Arbitrary Code Execution
25908Drupal database.mysql.inc Multiple Parameter SQL Injection
25450Drupal project.module XSS
23909Drupal menu.module Menu Item Creation Page Restriction Bypass
21351Drupal Multiple HTML/SGML Tag XSS
21350Drupal Access User Profile Access Remote Bypass
20248Microsoft IE Embedded Content Processing XSS

Milw0rm Exploits

idDescription
2006-05-24Drupal <= 4.7 (attachment mod_mime) Remote Exploit

OpenVAS Exploits

idDescription
2009-04-09Name : Mandriva Update for madwifi-source MDKSA-2007:132 (madwifi-source)
File : nvt/gb_mandriva_MDKSA_2007_132.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-4163
File : nvt/gb_fedora_2007_4163_drupal_fc8.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-4136
File : nvt/gb_fedora_2007_4136_drupal_fc7.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal51.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal52.nasl
Hide | Show 8 More...
idDescription
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal53.nasl
2008-09-04Name : FreeBSD Ports: drupal
File : nvt/freebsd_drupal0.nasl
2008-09-04Name : FreeBSD Ports: drupal
File : nvt/freebsd_drupal2.nasl
2008-01-17Name : Debian Security Advisory DSA 1125-1 (drupal)
File : nvt/deb_1125_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1125-2 (drupal)
File : nvt/deb_1125_2.nasl
2008-01-17Name : Debian Security Advisory DSA 958-1 (drupal)
File : nvt/deb_958_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1147-1 (drupal)
File : nvt/deb_1147_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1007-1 (drupal)
File : nvt/deb_1007_1.nasl

Nessus® Vulnerability Scanner

idDescription
2008-01-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6f736456c06011dc982e001372fd0af2.nasl - Type : ACT_GATHER_INFO
2008-01-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4451a4c9c05e11dc982e001372fd0af2.nasl - Type : ACT_GATHER_INFO
2007-12-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_fa708908a8c711dcb41d000fb5066b20.nasl - Type : ACT_GATHER_INFO
2007-12-11Name : The remote Fedora host is missing a security update.
File : fedora_2007-4136.nasl - Type : ACT_GATHER_INFO
2007-12-11Name : The remote Fedora host is missing a security update.
File : fedora_2007-4163.nasl - Type : ACT_GATHER_INFO
Hide | Show 6 More...
idDescription
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1007.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-925.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1125.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-958.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1147.nasl - Type : ACT_GATHER_INFO
2006-06-06Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_40a0185fec3211dabe02000c6ec775d9.nasl - Type : ACT_GATHER_INFO