This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:drupal:drupal:4.6.5
Detail
VendorDrupalFirst view 2006-03-14
ProductDrupalLast view 2012-03-28
Version4.6.5TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:drupal:drupal

Activity : Yearly

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentification
6.82012-03-28CVE-2007-6752NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0276NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0273NetworkMediumNone Requ...
4.32008-01-15CVE-2008-0272NetworkMediumNone Requ...
7.52007-12-10CVE-2007-6299NetworkLowNone Requ...
Hide | Show 10 More...
 DateAlertAccess VectorAccess ComplexityAuthentification
3.52007-01-08CVE-2007-0124NetworkMediumRequires ...
2.62006-10-24CVE-2006-5477NetworkHighNone Requ...
7.52006-10-24CVE-2006-5476NetworkLowNone Requ...
6.82006-10-24CVE-2006-5475NetworkMediumNone Requ...
4.32006-08-07CVE-2006-4002NetworkMediumNone Requ...
2.62006-06-05CVE-2006-2832NetworkHighNone Requ...
7.52006-06-05CVE-2006-2831NetworkLowNone Requ...
5.12006-06-01CVE-2006-2743NetworkHighNone Requ...
7.52006-06-01CVE-2006-2742NetworkLowNone Requ...
4.62006-03-14CVE-2006-1227LocalLowNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (2)CWE-352Cross-Site Request Forgery (CSRF)
33% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
16% (1)CWE-20Improper Input Validation

Open Source Vulnerability Database (OSVDB)

idDescription
42164Drupal Browser Interpretation Conflict (MSIE 6) UTF-8 XSS
42163Drupal Aggregator Module CSRF Feed Item Deletion
42023Devel Module for Drupal site Parameter XSS
39649Drupal taxonomy_select_nodes() Function SQL Injection
32131Drupal Page Cache Poisoning 404 Page DoS
Hide | Show 11 More...
idDescription
29927Drupal Form Action Attribute Injection
29926Drupal Unspecified CSRF
29922Drupal XML Parser RSS Feed XSS
27754Drupal user.module msg Parameter XSS
27595Drupal upload.module Filename XSS
27593Drupal database.mysqli.inc Multiple Parameter SQL Injection
27592Drupal database.pgsql.inc Multiple Parameter SQL Injection
25910Drupal File Upload Multiple Extension Restriction Bypass
25909Drupal on Apache files Directory File Upload Arbitrary Code Execution
25908Drupal database.mysql.inc Multiple Parameter SQL Injection
23909Drupal menu.module Menu Item Creation Page Restriction Bypass

Milw0rm Exploits

idDescription
2006-05-24Drupal <= 4.7 (attachment mod_mime) Remote Exploit