Information on source package drupal6

Available versions

ReleaseVersion
squeeze, squeeze6.30-1

Open issues

BugsqueezeDescription
TEMP-0000000-E45C28vulnerableinformation disclosure

Open unimportant issues

BugsqueezeDescription
TEMP-0000000-57BF72vulnerableXSS in drupal printing module
TEMP-0000000-8FB0B7vulnerableXSS in drupal 6 calendar field

Resolved issues

BugDescription
CVE-2008-3661Drupal, probably 5.10 and 6.4, does not set the secure flag for the ...
CVE-2008-4789The validation functionality in the core upload module in Drupal 6.x ...
CVE-2008-4791The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might ...
CVE-2008-4792The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 ...
CVE-2008-4793The node module API in Drupal 5.x before 5.11 allows remote attackers ...
CVE-2008-6170Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...
CVE-2008-6171includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, ...
CVE-2008-6532Multiple cross-site request forgery (CSRF) vulnerabilities in the ...
CVE-2008-6533Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related ...
CVE-2009-0382Unspecified vulnerability in Internationalization (i18n) Translation ...
CVE-2009-1575Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and ...
CVE-2009-1576Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before ...
CVE-2009-1844Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...
CVE-2009-2372Drupal 6.x before 6.13 does not prevent users from modifying user ...
CVE-2009-2373Cross-site scripting (XSS) vulnerability in the Forum module in Drupal ...
CVE-2009-2374Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize ...
CVE-2009-4369Cross-site scripting (XSS) vulnerability in the Contact module ...
CVE-2009-4370Cross-site scripting (XSS) vulnerability in the Menu module ...
CVE-2009-4371Cross-site scripting (XSS) vulnerability in the Locale module ...
CVE-2010-2250Installation cross site scripting
CVE-2010-2471Open redirection
CVE-2010-2472Locale module cross site scripting
CVE-2010-2473Blocked user session regeneration
CVE-2010-3091The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...
CVE-2010-3092The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does ...
CVE-2010-3093The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 ...
CVE-2010-3094Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x ...
CVE-2010-3685The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...
CVE-2010-3686The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...
CVE-2011-2687Drupal 7.x before 7.3 allows remote attackers to bypass intended ...
CVE-2012-0825Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that ...
CVE-2012-0826Cross-site request forgery (CSRF) vulnerability in the Aggregator ...
CVE-2012-0827The File module in Drupal 7.x before 7.11, when using unspecified ...
CVE-2012-4553Drupal 7.x before 7.16 allows remote attackers to obtain sensitive ...
CVE-2012-4554The OpenID module in Drupal 7.x before 7.16 allows remote OpenID ...
CVE-2012-5651Drupal 6.x before 6.27 and 7.x before 7.18 displays information for ...
CVE-2012-5652Drupal 6.x before 6.27 allows remote attackers to obtain sensitive ...
CVE-2012-5653The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 ...
CVE-2013-0244Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and ...
CVE-2013-0245The printer friendly version functionality in the Book module in ...
CVE-2013-0316The Image module in Drupal 7.x before 7.20 allows remote attackers to ...
CVE-2013-1887Multiple cross-site scripting (XSS) vulnerabilities in the Views ...
CVE-2013-6385The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used ...
CVE-2013-6386Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand ...
CVE-2014-1475The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows ...
CVE-2014-1476The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an ...
TEMP-0000000-FC3A86unspecified multiple Drupal vulnerabilies, likely some overlap with the next temp entry
TEMP-0503222-4ACACFXSS in book module in drupal
TEMP-0503222-760085local file inclusion in drupal
TEMP-0547140-24A459SA-CORE-2009-008

Security announcements

DSADescription
DSA-2851-1drupal6 - impersonation
DSA-2828-1drupal6 - several
DSA-2776-1drupal6 - several
DSA-2113-1drupal6 - several vulnerabilities
DSA-2016-1drupal6 - several vulnerabilities
DSA-1930-1drupal6 - several vulnerabilities
DSA-1808-1drupal6 - insufficient input sanitising
DSA-1792-1drupal6 - multiple vulnerabilities

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)