Shodan
Vulnerabilities
Vulnerable Software
Drupal:  >> Drupal  >> 5.22  Security Vulnerabilities
CVE-2010-2030
Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the administration and redirect pages.
CVSS Score
4.3
EPSS Score
0.003
Published
2010-05-24
CVE-2010-2002
Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, to inject arbitrary web script or HTML via the word list.
CVSS Score
2.1
EPSS Score
0.002
Published
2010-05-20
CVE-2010-1998
Cross-site scripting (XSS) vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal allows remote authenticated users, with certain node creation or editing privileges, to inject arbitrary web script or HTML via table headers.
CVSS Score
2.1
EPSS Score
0.003
Published
2010-05-20
CVE-2010-2000
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1358.
CVSS Score
2.1
EPSS Score
0.003
Published
2010-05-20
CVE-2010-2001
Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI.
CVSS Score
2.6
EPSS Score
0.003
Published
2010-05-20
CVE-2010-1984
Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 5.x before 5.x-1.5 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the taxonomy term name in a Breadcrumb display.
CVSS Score
2.1
EPSS Score
0.003
Published
2010-05-19
CVE-2010-1976
Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the node title in a Breadcrumb display.
CVSS Score
2.1
EPSS Score
0.003
Published
2010-05-19
CVE-2010-1584
Cross-site scripting (XSS) vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description.
CVSS Score
2.1
EPSS Score
0.005
Published
2010-05-19
CVE-2009-4829
Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
2.1
EPSS Score
0.003
Published
2010-04-27
CVE-2010-1536
Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
2.1
EPSS Score
0.002
Published
2010-04-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved