Filter
AND
AND
Drupal DrupalSaving user accounts can sometimes grant the user all roles
8.1
First published (updated )
Drupal DrupalBrute force amplification attacks via XML-RPC
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Drupal DrupalForm API ignores access restrictions on submit buttons
7.5
First published (updated )
Drupal DrupalThe OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authen…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Drupal DrupalDrupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers,…
6.8
First published (updated )
Drupal Drupalmodules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to hav…
6.8
First published (updated )
Drupal DrupalDrupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted …
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Drupal DrupalUnrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x befor…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Drupal DrupalDrupal versions 5.x and 6.x has open redirection
6.1
First published (updated )
Drupal DrupalOpen redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to…
6.1
First published (updated )
Drupal DrupalOpen redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.…
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Drupal DrupalThe user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users …
First published (updated )
Drupal DrupalThe core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unsp…
First published (updated )
Drupal DrupalThe validation functionality in the core upload module in Drupal 6.x before 6.5 allows remote authen…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.