Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-35191
The official drupal docker images prior to 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blan...
Drupal Drupal Docker Images 8.3.0-fpm-alpine
Drupal Drupal Docker Images
1 Github repository
10
CVSSv2
CVE-2013-0318
The admin page in the Banckle Chat module for Drupal does not properly restrict access, which allows remote malicious users to bypass intended restrictions via unspecified vectors.
Banckle Chat Project Banckle Chat -
10
CVSSv2
CVE-2009-3350
Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors.
Roshan Shah Subdomain Manager
10
CVSSv2
CVE-2009-3351
Multiple unspecified vulnerabilities in the Node Browser module for Drupal have unknown impact and attack vectors.
Kristy Frey Node Browser Module 5.x-2.5
Kristy Frey Node Browser Module 5.x-1.1
10
CVSSv2
CVE-2009-3352
Multiple unspecified vulnerabilities in the quota_by_role (Quota by role) module for Drupal have unknown impact and attack vectors.
Drupal Drupal
10
CVSSv2
CVE-2009-3353
Multiple unspecified vulnerabilities in the Node2Node module for Drupal have unknown impact and attack vectors.
Steve Lockwood Node2node
10
CVSSv2
CVE-2009-3354
Multiple unspecified vulnerabilities in the Rest API module for Drupal have unknown impact and attack vectors.
Andrew Sterling Hanenkamp Rest Api Module
10
CVSSv2
CVE-2009-1034
SQL injection vulnerability in the Tasklist module 5.x-1.x prior to 5.x-1.3 and 5.x-2.x prior to 5.x-2.0-alpha1, a module for Drupal, allows remote malicious users to execute arbitrary SQL commands via values in the URI.
Drupal Tasklist
10
CVSSv2
CVE-2008-0823
Unspecified vulnerability in the Header Image Module prior to 5.x-1.1 for Drupal allows remote malicious users to access the administration pages via unknown attack vectors.
Drupal Header Image 5.x-1.0
10
CVSSv2
CVE-2008-0568
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote malicious users to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Drupal Secure Site Module 5.0
Drupal Secure Site Module 4.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »