Unrated severityNVD Advisory· Published Mar 20, 2009· Updated Jun 16, 2026
CVE-2009-1036
CVE-2009-1036
Description
Cross-site request forgery (CSRF) vulnerability in the Plus 1 module before 6.x-2.6, a module for Drupal, allows remote attackers to cast votes for content via unspecified aspects of the URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:drupal:plus1:*:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:drupal:plus1:*:*:*:*:*:*:*:*range: <=6.x-2.5
- cpe:2.3:a:drupal:plus1:6.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.0:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.1:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.2:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.3:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:plus1:6.x-2.4:*:*:*:*:*:*:*
- (no CPE)range: <6.x-2.6
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.