Drupal : Security Vulnerabilities, CVEs, Published In 2009 CVSS score >= 8
Multiple unspecified vulnerabilities in the quota_by_role (Quota by role) module for Drupal have unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.31%
Published
2009-09-24
Updated
2022-09-27
SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.
Max CVSS
10.0
EPSS Score
0.25%
Published
2009-03-20
Updated
2017-08-17
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header.
Max CVSS
9.3
EPSS Score
1.53%
Published
2009-02-19
Updated
2017-08-17
3 vulnerabilities found