Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal project vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2008-10004
A vulnerability was found in Email Registration 5.x-2.1 on Drupal. It has been declared as critical. This vulnerability affects the function email_registration_user of the file email_registration.module. The manipulation of the argument namenew leads to sql injection. The attack ...
Email Registration Project Email Registration 5.x-2.1
7.5
CVSSv3
CVE-2017-20001
The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security advisory policy.
Aes Encryption Project Aes Encryption
8.8
CVSSv3
CVE-2018-25002
uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.
Sunhater Kcfinder
9.8
CVSSv3
CVE-2016-20001
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv3
CVE-2016-20003
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
9.8
CVSSv3
CVE-2016-20004
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
9.8
CVSSv3
CVE-2016-20005
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
9.8
CVSSv3
CVE-2016-20002
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv3
CVE-2019-25012
The Webform Report project 7.x-1.x-dev for Drupal allows remote malicious users to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal's security advisory policy.
Webform Report Project Webform Report 7.x-1.x-dev
7.5
CVSSv3
CVE-2016-20007
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »