Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 7.14 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3704
The expandArguments function in the database abstraction API in Drupal core 7.x prior to 7.32 does not properly construct prepared statements, which allows remote malicious users to conduct SQL injection attacks via an array containing crafted keys.
Drupal Drupal
Debian Debian Linux 7.0
4 EDB exploits
2 Nmap scripts
5 Github repositories
2 Articles
NA
CVE-2014-9015
Drupal 6.x prior to 6.34 and 7.x prior to 7.34 allows remote malicious users to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS sessions.
Drupal Drupal
Debian Debian Linux 7.0
NA
CVE-2014-9016
The password hashing API in Drupal 7.x prior to 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x prior to 6.x-2.1 for Drupal allows remote malicious users to cause a denial of service (CPU and memory consumption) via a crafted request.
Drupal Drupal
Secure Password Hashes Project Secure Passwords Hashes
Debian Debian Linux 7.0
1 EDB exploit
2 Github repositories
NA
CVE-2014-2983
Drupal 6.x prior to 6.31 and 7.x prior to 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.
Drupal Drupal
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
NA
CVE-2014-1612
Cross-site scripting (XSS) vulnerability in login.esp in the Web Management Interface in Media5 Mediatrix 4402 VoIP Gateway with firmware Dgw 1.1.13.186 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Media5 Mediatrix Voip Gateway 4402 Firmware Dgw 1.1.13.186
Media5 Mediatrix Voip Gateway 4402
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6