Vulnerabilities > Drupal > Drupal > 5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-30 | CVE-2007-4063 | Cross-Site Request Forgery vulnerability in Drupal Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.2 allow remote attackers to (1) delete comments, (2) delete content revisions, and (3) disable menu items as privileged users, related to improper use of HTTP GET and the Forms API. network drupal | 4.3 |
2007-02-01 | CVE-2007-0658 | Unspecified vulnerability in Drupal and Textimage The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $_SESSION. | 5.0 |
2007-01-31 | CVE-2007-0626 | Unspecified vulnerability in Drupal 5.0 The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, and vbDrupal, allows remote attackers with "post comments" privileges and access to multiple input filters to execute arbitrary code by previewing comments, which are not processed by "normal form validation routines." | 6.5 |