Drupal Full Path Disclosure

🗓️ 29 Aug 2024 12:31:05Reported by GitHub Advisory DatabaseType

Drupal 11.x-dev Full Path Disclosure in authorize.ph

Reporter	Title	Published	Views	Family All 23
GithubExploit	Exploit for Generation of Error Message Containing Sensitive Information in Drupal	10 Feb 202616:18	–	githubexploit
Circl	CVE-2024-45440	29 Aug 202413:42	–	circl
CNNVD	Drupal 安全漏洞	29 Aug 202400:00	–	cnnvd
CVE	CVE-2024-45440	29 Aug 202400:00	–	cve
Cvelist	CVE-2024-45440	29 Aug 202400:00	–	cvelist
Exploit DB	Drupal 11.x-dev - Full Path Disclosure	19 Apr 202500:00	–	exploitdb
Nuclei	Drupal 11.x-dev - Full Path Disclosure	2 Jun 202610:14	–	nuclei
NVD	CVE-2024-45440	29 Aug 202411:15	–	nvd
OpenVAS	Drupal Information Disclosure Vulnerability (GHSA-mg8j-w93w-xjgc) - Linux - Version Check	3 Feb 202500:00	–	openvas
OpenVAS	Drupal Information Disclosure Vulnerability (GHSA-mg8j-w93w-xjgc) - Windows - Version Check	3 Feb 202500:00	–	openvas

Vulners

Node

drupal coreRange8.0.0–10.2.9composer

drupal core-recommendedRange8.0.0–10.2.9composer

drupal drupalRange8.0.0–10.2.9composer

drupal coreRange10.3.0–10.3.6composer

drupal core-recommendedRange10.3.0–10.3.6composer

drupal drupalRange10.3.0–10.3.6composer

drupal coreRange11.0.0–11.0.5composer

drupal core-recommendedRange11.0.0–11.0.5composer

drupal drupalRange11.0.0–11.0.5composer

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-45440
drupal	www.drupal.org/project/drupal/issues/3457781
senscybersecurity	www.senscybersecurity.nl/CVE-2024-45440-Explained
github	www.github.com/github/advisory-database/pull/4827
drupal	www.drupal.org/project/drupal/releases/10.3.6
drupal	www.drupal.org/project/drupal/releases/11.0.5
drupal	www.drupal.org/project/drupal/releases/10.2.9
exploit-db	www.exploit-db.com/exploits/52266
github	www.github.com/advisories/GHSA-mg8j-w93w-xjgc

23 Apr 2025 14:37Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.15.3

EPSS0.86689

SSVC