Various Drupal modules such as Content Lock, Ubercart Bulk Stock Updater, Ubercart Payflow Link, ticketyboo News Ticker, Admin tools, and Redirecting click bouncer suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
dfba66004ce172b759e13bd0d69c968ca2876ae3c5a889fa13c062cb84aef994