This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:drupal:drupal:4.6.5
Detail
VendorDrupalFirst view 2006-03-14
ProductDrupalLast view2015-03-25
Version4.6.5TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:drupal:drupal

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
3.52015-03-25CVE-2015-2559NetworkMediumRequires ...
52014-11-24CVE-2014-9016NetworkLowNone Requ...
6.82014-11-24CVE-2014-9015NetworkMediumNone Requ...
4.32014-04-23CVE-2014-2983NetworkMediumNone Requ...
52012-05-21CVE-2012-2922NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82012-03-28CVE-2007-6752NetworkMediumNone Requ...
52009-07-08CVE-2009-2374NetworkLowNone Requ...
6.52009-07-08CVE-2009-2372NetworkLowRequires ...
7.52008-10-29CVE-2008-4793NetworkLowNone Requ...
62008-10-29CVE-2008-4792NetworkMediumRequires ...
62008-10-29CVE-2008-4791NetworkMediumRequires ...
62008-10-29CVE-2008-4790NetworkMediumRequires ...
62008-10-29CVE-2008-4789NetworkMediumRequires ...
7.52008-05-16CVE-2008-2271NetworkLowNone Requ...
5.82008-04-11CVE-2008-1729NetworkMediumNone Requ...
4.32008-03-04CVE-2008-1133NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0276NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0273NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0272NetworkMediumNone Requ...
7.52007-12-10CVE-2007-6299NetworkLowNone Requ...
4.32007-10-19CVE-2007-5598NetworkMediumNone Requ...
4.32007-10-19CVE-2007-5597NetworkMediumNone Requ...
4.32007-10-19CVE-2007-5596NetworkMediumNone Requ...
5.12007-10-19CVE-2007-5595NetworkHighNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (8)CWE-264Permissions, Privileges, and Access Controls
25% (7)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
10% (3)CWE-20Improper Input Validation
7% (2)CWE-352Cross-Site Request Forgery (CSRF)
7% (2)CWE-200Information Exposure
Hide | Show 5 More...
%idName
7% (2)CWE-94Failure to Control Generation of Code ('Code Injection')
3% (1)CWE-284Access Control (Authorization) Issues
3% (1)CWE-255Credentials Management
3% (1)CWE-189Numeric Errors
3% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:24560DSA-2914-1 drupal6 - security update
oval:org.mitre.oval:def:28341DSA-3075-1 -- drupal7 security update
oval:org.mitre.oval:def:7333DSA-1930 drupal6 -- several vulnerabilities
oval:org.mitre.oval:def:13660DSA-1930-1 drupal6 -- several vulnerabilities

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
55525Drupal Core User Signature Format Weakness
55524Drupal Core Forum Module Unspecified XSS
49523Drupal Core BlogAPI Module Internal Form Field Value Manipulation Remote Auth...
49522Drupal User Module Unspecified Login Access Rules Remote Authentication Bypass
49516Drupal Node Module API Unspecified Remote Validation Bypass
Hide | Show 20 More...
idDescription
49515Drupal Core Upload Module Attached Files Information Disclosure
48999Drupal Core Upload Module Unprivileged Content File Attachment Weakness
45170Site Documentation Module for Drupal Database Tables Access Content Permissio...
44270Drupal Menu System Handler Security Bypass
43656Drupal Default URI callback Variable drupal_eval Function Arbitrary PHP Code ...
42366Drupal ECMAScript Drupal.checkPlain Function XSS
42164Drupal Browser Interpretation Conflict (MSIE 6) UTF-8 XSS
42163Drupal Aggregator Module CSRF Feed Item Deletion
42023Devel Module for Drupal site Parameter XSS
39649Drupal taxonomy_select_nodes() Function SQL Injection
39648Drupal install.php Database Disconnect Arbitrary Code Execution
39647Drupal Forms API Protection Deletion Form CSRF
39636Drupal includes/common.inc drupal_goto Function CRLF Injection
39635Drupal Upload Module HTML Upload XSS
39634Drupal hook_comments API Access Restriction Bypass
37904Weblinks Module for Drupal Unspecified Parameter XSS
32140Drupal System Module Unspecified XSS
32139Drupal Filter Module Unspecified XSS
32136Drupal Comment Module comment_form_add_preview Function Arbitrary Code Execution
32131Drupal Page Cache Poisoning 404 Page DoS

Milw0rm Exploits

idDescription
2007-10-10Drupal <= 5.2 PHP Zend Hash Vulnerability Exploitation Vector
2006-05-24Drupal <= 4.7 (attachment mod_mime) Remote Exploit

OpenVAS Exploits

idDescription
2012-10-29Name : Fedora Update for drupal7 FEDORA-2012-16421
File : nvt/gb_fedora_2012_16421_drupal7_fc16.nasl
2012-10-29Name : Fedora Update for drupal7 FEDORA-2012-16442
File : nvt/gb_fedora_2012_16442_drupal7_fc17.nasl
2012-08-30Name : Fedora Update for drupal7 FEDORA-2012-8398
File : nvt/gb_fedora_2012_8398_drupal7_fc17.nasl
2012-06-04Name : Fedora Update for drupal7 FEDORA-2012-8360
File : nvt/gb_fedora_2012_8360_drupal7_fc15.nasl
2012-06-04Name : Fedora Update for drupal7 FEDORA-2012-8362
File : nvt/gb_fedora_2012_8362_drupal7_fc16.nasl
Hide | Show 20 More...
idDescription
2009-11-11Name : Debian Security Advisory DSA 1930-1 (drupal6)
File : nvt/deb_1930_1.nasl
2009-07-15Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal513.nasl
2009-07-15Name : Drupal Information Disclosure Vulnerability
File : nvt/gb_drupal_info_disclosure_vuln.nasl
2009-07-15Name : Drupal XSS and Code Injection Vulnerability
File : nvt/gb_drupal_xss_n_code_inj_vuln.nasl
2009-04-09Name : Mandriva Update for madwifi-source MDKSA-2007:132 (madwifi-source)
File : nvt/gb_mandriva_MDKSA_2007_132.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-4163
File : nvt/gb_fedora_2007_4163_drupal_fc8.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-2649
File : nvt/gb_fedora_2007_2649_drupal_fc7.nasl
2009-02-27Name : Fedora Update for drupal FEDORA-2007-4136
File : nvt/gb_fedora_2007_4136_drupal_fc7.nasl
2008-11-04Name : Drupal Core Multiple Vulnerabilities
File : nvt/gb_drupal_mult_vuln_oct08.nasl
2008-11-01Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal58.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal51.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal52.nasl
2008-09-04Name : FreeBSD Ports: drupal5
File : nvt/freebsd_drupal53.nasl
2008-09-04Name : FreeBSD Ports: drupal
File : nvt/freebsd_drupal8.nasl
2008-09-04Name : FreeBSD Ports: drupal
File : nvt/freebsd_drupal2.nasl
2008-09-04Name : FreeBSD Ports: drupal4
File : nvt/freebsd_drupal40.nasl
2008-01-17Name : Debian Security Advisory DSA 1125-1 (drupal)
File : nvt/deb_1125_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1125-2 (drupal)
File : nvt/deb_1125_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1147-1 (drupal)
File : nvt/deb_1147_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1007-1 (drupal)
File : nvt/deb_1007_1.nasl

Snort® IPS/IDS

DateDescription
2014-01-10OpenEngine filepool.php remote file include attempt
RuleID : 27196 - Type : SERVER-WEBAPP - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2015-03-31Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-181.nasl - Type : ACT_GATHER_INFO
2015-03-23Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3200.nasl - Type : ACT_GATHER_INFO
2015-03-20Name : The remote web server is running a PHP application that is affected by multip...
File : drupal_7_35.nasl - Type : ACT_GATHER_INFO
2015-01-05Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_5e1351788aeb11e4801f0022156e8794.nasl - Type : ACT_GATHER_INFO
2014-12-07Name : The remote Fedora host is missing a security update.
File : fedora_2014-15583.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-12-07Name : The remote Fedora host is missing a security update.
File : fedora_2014-15630.nasl - Type : ACT_GATHER_INFO
2014-12-03Name : The remote Fedora host is missing a security update.
File : fedora_2014-15515.nasl - Type : ACT_GATHER_INFO
2014-12-03Name : The remote Fedora host is missing a security update.
File : fedora_2014-15519.nasl - Type : ACT_GATHER_INFO
2014-12-03Name : The remote Fedora host is missing a security update.
File : fedora_2014-15522.nasl - Type : ACT_GATHER_INFO
2014-12-03Name : The remote Fedora host is missing a security update.
File : fedora_2014-15528.nasl - Type : ACT_GATHER_INFO
2014-11-21Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3075.nasl - Type : ACT_GATHER_INFO
2014-11-21Name : The remote web server is running a PHP application that is affected by multip...
File : drupal_7_34.nasl - Type : ACT_GATHER_INFO
2014-04-27Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2913.nasl - Type : ACT_GATHER_INFO
2014-04-27Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2914.nasl - Type : ACT_GATHER_INFO
2014-04-21Name : The remote web server is running a PHP application that is affected by an inf...
File : drupal_6_31.nasl - Type : ACT_GATHER_INFO
2014-04-21Name : The remote web server is running a PHP application that is affected by an inf...
File : drupal_7_27.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-074.nasl - Type : ACT_GATHER_INFO
2012-06-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-8360.nasl - Type : ACT_GATHER_INFO
2012-06-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-8362.nasl - Type : ACT_GATHER_INFO
2012-06-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-8398.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1930.nasl - Type : ACT_GATHER_INFO
2009-07-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_be9272986f9711deb444001372fd0af2.nasl - Type : ACT_GATHER_INFO
2008-10-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_12efc567987911dda5e70030843d3802.nasl - Type : ACT_GATHER_INFO
2008-05-16Name : The remote web server contains a PHP application that is affected by an infor...
File : drupal_sitedoc_tables_disclosure.nasl - Type : ACT_GATHER_INFO
2008-01-14Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6f736456c06011dc982e001372fd0af2.nasl - Type : ACT_GATHER_INFO