Lucene search
K

5 matches found

NVD
NVD
added 2025/07/21 5:15 p.m.7 views

CVE-2025-7717

Missing Authorization vulnerability in Drupal File Download allows Forceful Browsing.This issue affects File Download: from 0.0.0 before 1.9.0, from 2.0.0 before 2.0.1...

7.5CVSS0.0035EPSS
Exploits0References1
CVE
CVE
added 2025/07/21 4:37 p.m.20 views

CVE-2025-7717

CVE-2025-7717 is a Missing Authorization vulnerability in the Drupal File Download module. The issue allows forceful browsing to access protected files due to insufficient access control. Affected versions are Drupal File Download 0.0.0–1.8.9 and 2.0.0 (inclusive); versions before 1.9.0 and befor...

7.5CVSS6.6AI score0.0035EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.4 views

PT-2025-30312 · Drupal · Drupal File Download

Name of the Vulnerable Software and Affected Versions: Drupal File Download versions 0.0.0 through 1.8.9 Drupal File Download versions 2.0.0 through 2.0.0 Description: The File Download module is susceptible to a missing authorization issue, allowing for forceful browsing. Recommendations: Update...

7.5CVSS6.4AI score0.0035EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.4 views

Drupal File Download 安全漏洞

Drupal File Download is a file download plugin for the Drupal community. A security vulnerability exists in Drupal File Download versions prior to 1.9.0 and prior to 2.0.1, which stems from a lack of authorization and could lead to a forced browsing attack...

7.5CVSS6.6AI score0.0035EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/07/16 12:0 a.m.7 views

Drupal File Download module < 1.9.0,2.0.0 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Willem Drupal enthousiast willempje2 in WordPress Module File Download versions 1.9.0,2.0.0...

7.5CVSS7AI score0.0035EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder