Vulnerabilities > Drupal > Everyblog > High

DATE CVE VULNERABILITY TITLE RISK
2009-02-14 CVE-2008-6137 Permissions, Privileges, and Access Controls vulnerability in Drupal Everyblog 5.0/6.0
EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions via unknown vectors.
network
low complexity
drupal CWE-264
7.5
7.5
2009-02-14 CVE-2008-6136 Permissions, Privileges, and Access Controls vulnerability in Drupal Everyblog 5.0/6.0
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors.
network
low complexity
drupal CWE-264
7.5
7.5
2009-02-14 CVE-2008-6134 SQL Injection vulnerability in Drupal Everyblog 5.0/6.0
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
drupal CWE-89
7.5
7.5