Vendor Dictionary: Drupal

Drupal

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	http://drupal.org/ [visit link]
Email:	[None Entered]
Security URL:	http://drupal.org/security [visit link]
Security Email:	securitydrupal.org
Knowledge Base:	[None Entered]
Notes:	How to report a security issue: http://drupal.org/node/101494
Full Details...

Vulnerabilities by Vendor Product

Drupal

« Previous 1 2 Next »

Drupal

Project Issue Tracking Module: 5.x-2.x-dev (pre 2008-01-30); OSVDB ID: 42150 Drupal Project Issue Tracking Module Comment Summary XSS; 5.x-1.2; OSVDB ID: 42150 Drupal Project Issue Tracking Module Comment Summary XSS; 4.7.x-2.6; OSVDB ID: 42150 Drupal Project Issue Tracking Module Comment Summary XSS; 4.7.x-1.6; OSVDB ID: 42150 Drupal Project Issue Tracking Module Comment Summary XSS; 5.x-2.x-dev (pre 2008-01-30); OSVDB ID: 42151 Drupal Project Issue Tracking Module Arbitrary File Upload; 5.x-1.2; OSVDB ID: 42151 Drupal Project Issue Tracking Module Arbitrary File Upload; 4.7.x-2.6; OSVDB ID: 42151 Drupal Project Issue Tracking Module Arbitrary File Upload; 4.7.x-1.6; OSVDB ID: 42151 Drupal Project Issue Tracking Module Arbitrary File Upload

Outline Designer Module for Drupal: 6.x-1.x-dev; OSVDB ID: 69563 Outline Designer Module for Drupal Multiple Unspecified Admin Function CSRF; 6.x-1.0-rc1; OSVDB ID: 69563 Outline Designer Module for Drupal Multiple Unspecified Admin Function CSRF; 6.x-1.0-rc2; OSVDB ID: 69563 Outline Designer Module for Drupal Multiple Unspecified Admin Function CSRF; 6.x-1.0-rc3; OSVDB ID: 69563 Outline Designer Module for Drupal Multiple Unspecified Admin Function CSRF; 6.x-1.1; OSVDB ID: 69563 Outline Designer Module for Drupal Multiple Unspecified Admin Function CSRF

Comment Edited Module for Drupal: 6.x-1.0; OSVDB ID: 69567 Comment Edited Module for Drupal Unspecified XSS; 6.x-1.x-dev; OSVDB ID: 69567 Comment Edited Module for Drupal Unspecified XSS; 6.x-1.1; OSVDB ID: 69567 Comment Edited Module for Drupal Unspecified XSS; 6.x-1.2; OSVDB ID: 69567 Comment Edited Module for Drupal Unspecified XSS; 6.x-1.3; OSVDB ID: 69567 Comment Edited Module for Drupal Unspecified XSS

Archive Module for Drupal: 5.x-1.7; OSVDB ID: 40490 Archive Module for Drupal Unspecified XSS; 5.x-1.6; OSVDB ID: 40490 Archive Module for Drupal Unspecified XSS; 5.x-1.5; OSVDB ID: 40490 Archive Module for Drupal Unspecified XSS

Node Relativity: 5.x-1.x-dev; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.x-dev; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.0; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.1; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.2; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.3; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.4; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 5.x-2.5; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 6.x-1.x-dev; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 6.x-3.x-dev; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 6.x-1.1; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 6.x-1.2; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure; 6.x-1.3; OSVDB ID: 69236 Node Relativity Module for Drupal Unspecified XSS; OSVDB ID: 69235 Node Relativity Module for Drupal Unspecified CSRF; OSVDB ID: 69234 Node Relativity Module for Drupal Unspecified Node Information Disclosure

Drupal: 4.4.0; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; 4.4.1; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; 4.4.2; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; 4.5.0; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.5.1; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.5.2; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.6.0; OSVDB ID: 17028 Drupal Privilege Unspecified User Role Privilege Escalation; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.5.3; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; OSVDB ID: 17793 XML-RPC for PHP (PHPXMLRPC) parseRequest() Function Arbitrary PHP Code Execution; 4.6.1; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; OSVDB ID: 17793 XML-RPC for PHP (PHPXMLRPC) parseRequest() Function Arbitrary PHP Code Execution; 4.5.4; OSVDB ID: 18889 XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.5.3; OSVDB ID: 18889 XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution; 4.5.2; OSVDB ID: 18889 XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution; 4.5.1; OSVDB ID: 18889 XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution; 4.5.0; OSVDB ID: 18889 XML-RPC for PHP (PHPXMLRPC) Nested XML Tags Arbitrary PHP Code Execution; 4.5.7; OSVDB ID: 23912 Drupal Email Crafted Header Spoofing; OSVDB ID: 23910 Drupal Multiple Unspecified XSS; OSVDB ID: 23911 Drupal Login Session Fixation Hijacking; OSVDB ID: 23909 Drupal menu.module Menu Item Creation Page Restriction Bypass; 4.6.5; OSVDB ID: 23912 Drupal Email Crafted Header Spoofing; OSVDB ID: 23910 Drupal Multiple Unspecified XSS; OSVDB ID: 23911 Drupal Login Session Fixation Hijacking; OSVDB ID: 23909 Drupal menu.module Menu Item Creation Page Restriction Bypass; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6; OSVDB ID: 28623 Drupal Pubcookie Module Authentication Bypass; 4.7; OSVDB ID: 28623 Drupal Pubcookie Module Authentication Bypass; 4.6.0; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6.1; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6.2; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.6.3; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS; 4.6.4; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6.6; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6.7; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6.8; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.6.9; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.7.0; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.7.1; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.7.2; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.7.3; OSVDB ID: 29922 Drupal XML Parser RSS Feed XSS; OSVDB ID: 29926 Drupal Unspecified CSRF; OSVDB ID: 29924 Drupal Profile Module Unspecified XSS; OSVDB ID: 29925 Drupal Forum Module Unspecified XSS; OSVDB ID: 29923 Drupal Aggregator Module Unspecified XSS; OSVDB ID: 29927 Drupal Form Action Attribute Injection; 4.7.10; OSVDB ID: 42163 Drupal Aggregator Module CSRF Feed Item Deletion; 5.5; OSVDB ID: 42163 Drupal Aggregator Module CSRF Feed Item Deletion; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 4.7.10; OSVDB ID: 42164 Drupal Browser Interpretation Conflict (MSIE 6) UTF-8 XSS; 5.5; OSVDB ID: 42164 Drupal Browser Interpretation Conflict (MSIE 6) UTF-8 XSS; 4.7.10; OSVDB ID: 42165 Drupal Theme .tpl.php File XSS; 5.5; OSVDB ID: 42165 Drupal Theme .tpl.php File XSS; 6.x; OSVDB ID: 55521 Advanced Forum Module for Drupal Unspecified XSS; 5.x; OSVDB ID: 58224 Drupal Crafted Extension File Upload Arbitrary Code Execution; 6.13; OSVDB ID: 58224 Drupal Crafted Extension File Upload Arbitrary Code Execution; 6.14; OSVDB ID: 58224 Drupal Crafted Extension File Upload Arbitrary Code Execution; 5.0; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.1; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.2; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.3; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.4; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.6; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.7; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.8; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.9; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.10; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.11; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.12; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.13; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.14; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.15; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.16; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.17; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 5.18; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.0; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.1; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.2; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.3; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.4; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.5; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.6; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.7; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.8; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.11; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.12; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.9; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 6.10; OSVDB ID: 55524 Drupal Core Forum Module Unspecified XSS; 4.5.5; OSVDB ID: 21351 Drupal Multiple HTML/SGML Tag XSS

Meta Tags Module: 5.x-1.6; OSVDB ID: 42157 Meta Tags Module for Drupal Image Addition Arbitrary Code Execution

Embedded Media Field Module for Drupal: 5.x-1.11; OSVDB ID: 69743 Embedded Media Field Module for Drupal Arbitrary File Upload; OSVDB ID: 69744 Embedded Media Field Module for Drupal Multiple Field XSS; 6.x-1.25; OSVDB ID: 69743 Embedded Media Field Module for Drupal Arbitrary File Upload; 6.x-2.3; OSVDB ID: 69743 Embedded Media Field Module for Drupal Arbitrary File Upload; OSVDB ID: 69744 Embedded Media Field Module for Drupal Multiple Field XSS; 6.x-1.25; OSVDB ID: 69744 Embedded Media Field Module for Drupal Multiple Field XSS

Category Tokens Module for Drupal: 6.x-1.0; OSVDB ID: 69145 Category Tokens Module for Drupal Token Help Vocabulary Names XSS

Calender Module for Drupal: 6.x-2.1; OSVDB ID: 56611 Calendar Module for Drupal Content Type Label XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.