This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:drupal:drupal:6.0:rc-4 |
| Detail | |||
|---|---|---|---|
| Vendor | Drupal | First view | 2008-04-11 |
| Product | Drupal | Last view | 2012-03-28 |
| Version | 6.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | rc-4 | ||
| CPE Product | cpe:/a:drupal:drupal | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 6.8 | 2012-03-28 | CVE-2007-6752 | Network | Medium | None Requ... | |
| 3.5 | 2009-12-21 | CVE-2009-4370 | Network | Medium | Requires ... | |
| 3.5 | 2009-12-21 | CVE-2009-4369 | Network | Medium | Requires ... | |
| 5 | 2009-07-08 | CVE-2009-2374 | Network | Low | None Requ... | |
| 4.3 | 2009-07-08 | CVE-2009-2373 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 6.5 | 2009-07-08 | CVE-2009-2372 | Network | Low | Requires ... | |
| 4.3 | 2009-05-06 | CVE-2009-1576 | Network | Medium | None Requ... | |
| 4.3 | 2009-05-06 | CVE-2009-1575 | Network | Medium | None Requ... | |
| 6 | 2008-10-29 | CVE-2008-4792 | Network | Medium | Requires ... | |
| 6 | 2008-10-29 | CVE-2008-4791 | Network | Medium | Requires ... | |
| 6 | 2008-10-29 | CVE-2008-4789 | Network | Medium | Requires ... | |
| 6.8 | 2008-07-18 | CVE-2008-3222 | Network | Medium | None Requ... | |
| 5.8 | 2008-04-11 | CVE-2008-1729 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 36% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 27% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 9% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 9% (1) | CWE-287 | Improper Authentication |
| 9% (1) | CWE-255 | Credentials Management |
| % | id | Name |
|---|---|---|
| 9% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 61105 | Drupal Core Menu Module Admin Page Unspecified XSS |
| 61104 | Drupal Core Contact Module Admin Page Category Parameter XSS |
| 55525 | Drupal Core User Signature Format Weakness |
| 55524 | Drupal Core Forum Module Unspecified XSS |
| 54153 | Drupal Core Form Submission Unspecified Information Disclosure |
| id | Description |
|---|---|
| 54152 | Drupal Core UTF-7 Unspecified XSS |
| 49523 | Drupal Core BlogAPI Module Internal Form Field Value Manipulation Remote Auth... |
| 49522 | Drupal User Module Unspecified Login Access Rules Remote Authentication Bypass |
| 48999 | Drupal Core Upload Module Unprivileged Content File Attachment Weakness |
| 46945 | Drupal User Module Session Fixation |
| 44270 | Drupal Menu System Handler Security Bypass |
