CVE-2025-14472

Cross-Site Request Forgery CSRF vulnerability in Drupal Acquia Content Hub allows Cross Site Request Forgery.This issue affects Acquia Content Hub: from 0.0.0 before 3.6.4, from 3.7.0 before 3.7.3...

CVE-2025-13982 Login Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120

Cross-Site Request Forgery CSRF vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery.This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...

PT-2026-5206

Name of the Vulnerable Software and Affected Versions Acquia Content Hub versions 0.0.0 through 3.6.3 Acquia Content Hub versions 3.7.0 through 3.7.2 Description A Cross-Site Request Forgery CSRF issue exists in Acquia Content Hub. This allows attackers to perform actions on behalf of authenticat...

CVE-2025-10929

Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables.This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2...

CVE-2025-8675

Server-Side Request Forgery SSRF vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6...

CVE-2025-8675 AI SEO Link Advisor - Less critical - Server-side Request Forgery - SA-CONTRIB-2025-095

Server-Side Request Forgery SSRF vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6...

Drupal Open Social 安全漏洞

Drupal Open Social is a Drupal-based social networking platform solution from the Drupal community designed to provide a complete social networking capability for businesses, organizations or communities. A security vulnerability exists in Drupal Open Social versions prior to 12.3.11 and 12.4.0...

CVE-2024-13264

Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno module allows PHP Local File Inclusion.This issue affects Opigno module: from 0.0.0 before 3.1.2...

VulnCheck KEV: CVE-2013-0322

Cross-site scripting XSS vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field...

elFinder 路径遍历漏洞

elFinder is a set of Drupal-based platform , open source AJAX file manager . The product provides multiple file uploads, image scaling, and other features. A path traversal vulnerability exists in elFinder AspNet that does not properly eliminate a file system path before creating it using a...

elFinder 安全漏洞

elFinder is a set of Drupal-based platform , open source AJAX file manager . The product provides multiple file uploads, image scaling and other features. A security vulnerability exists in ElFinder 2.1.47 and earlier versions, which stems from a command injection vulnerability in the program's P...

elFinder 代码问题漏洞

elFinder is a set of open source AJAX file managers based on the Drupal platform. The product provides multiple file uploads, image scaling, and other features. elFinder has a security vulnerability that could be exploited by attackers to execute arbitrary code and commands on the server hosting...

Drupal OpenLucius module cross-site request forgery vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.OpenLucius is one of the work management platforms for social communication, documentation and projects. A cross-site request forgery vulnerability exists in the Drupal OpenLucius modul...