Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-25002
uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.
Sunhater Kcfinder
7.5
CVSSv2
CVE-2016-20001
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv2
CVE-2016-20002
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2016-20003
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv2
CVE-2016-20004
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
7.5
CVSSv2
CVE-2016-20005
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2019-25012
The Webform Report project 7.x-1.x-dev for Drupal allows remote malicious users to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal's security advisory policy.
Webform Report Project Webform Report 7.x-1.x-dev
5
CVSSv2
CVE-2016-20006
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2016-20007
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
5
CVSSv2
CVE-2016-20008
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Rest\\/json Project Rest\\/json
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »