VYPR

apk package

chainguard/drupal-11-apache2-config

pkg:apk/chainguard/drupal-11-apache2-config

Vulnerabilities (7)

  • CVE-2012-2306Jul 25, 2012
    affected < 0fixed 0

    SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2012-2339May 21, 2012
    affected < 11.2.5-r1fixed 11.2.5-r1

    Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information."

  • CVE-2009-4066Nov 24, 2009
    affected < 11.2.5-r1fixed 11.2.5-r1

    Multiple cross-site request forgery (CSRF) vulnerabilities in the "My Account" feature in PHPList Integration module 5 before 5.x-1.2 and 6 before 6.x-1.1 for Drupal allow remote attackers to hijack the authentication of arbitrary users via vectors related to (1) subscribing or (

  • CVE-2009-3479Sep 30, 2009
    affected < 11.2.5-r1fixed 11.2.5-r1

    Cross-site scripting (XSS) vulnerability in Bibliography (Biblio) 5.x before 5.x-1.17 and 6.x before 6.x-1.6, a module for Drupal, allows remote attackers, with "create content displayed by the Bibliography module" permissions, to inject arbitrary web script or HTML via a title.

  • CVE-2009-3156Sep 10, 2009
    affected < 11.2.5-r1fixed 11.2.5-r1

    Cross-site scripting (XSS) vulnerability in the Date Tools sub-module in the Date module 6.x before 6.x-2.3 for Drupal allows remote authenticated users, with "use date tools" or "administer content types" privileges, to inject arbitrary web script or HTML via a "Content type lab

  • CVE-2009-1047Mar 23, 2009
    affected < 11.2.5-r1fixed 11.2.5-r1

    Cross-site scripting (XSS) vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTM

  • CVE-2008-0462Jan 25, 2008
    affected < 11.2.5-r1fixed 11.2.5-r1

    Cross-site scripting (XSS) vulnerability in the Archive 5.x before 5.x-1.8 module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.