Vulnerabilities > Drupal > Everyblog
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-14 | CVE-2008-6137 | Permissions, Privileges, and Access Controls vulnerability in Drupal Everyblog 5.0/6.0 EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions via unknown vectors. | 7.5 |
| 2009-02-14 | CVE-2008-6136 | Permissions, Privileges, and Access Controls vulnerability in Drupal Everyblog 5.0/6.0 Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors. | 7.5 |
| 2009-02-14 | CVE-2008-6135 | Cross-Site Scripting vulnerability in Drupal Everyblog 5.0/6.0 Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-02-14 | CVE-2008-6134 | SQL Injection vulnerability in Drupal Everyblog 5.0/6.0 SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |