Vulnerabilities > Drupal > Drupal > 4.7.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-09 | CVE-2007-0124 | Denial of Service vulnerability in Drupal Page Caching Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist. network drupal | 3.5 |
2006-10-24 | CVE-2006-5477 | Cross-Site Scripting vulnerability in Drupal Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL. | 2.6 |
2006-10-24 | CVE-2006-5476 | Cross-Site Request Forgery vulnerability in Drupal Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors. | 7.5 |
2006-10-24 | CVE-2006-5475 | Cross-Site Scripting vulnerability in Drupal Multiple cross-site scripting (XSS) vulnerabilities in the XML parser in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allow remote attackers to inject arbitrary web script or HTML via a crafted RSS feed. network drupal | 6.8 |