VYPR
Unrated severityNVD Advisory· Published Mar 20, 2009· Updated Jun 16, 2026

CVE-2009-1036

CVE-2009-1036

Description

Cross-site request forgery (CSRF) vulnerability in the Plus 1 module before 6.x-2.6, a module for Drupal, allows remote attackers to cast votes for content via unspecified aspects of the URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • Drupal/Plus115 versions
    cpe:2.3:a:drupal:plus1:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:drupal:plus1:*:*:*:*:*:*:*:*range: <=6.x-2.5
    • cpe:2.3:a:drupal:plus1:6.x-1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:drupal:plus1:6.x-2.4:*:*:*:*:*:*:*
    • (no CPE)range: <6.x-2.6

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.