9 matches found
EUVD-2026-43073
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...
CVE-2026-58591
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...
CVE-2026-15081
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Drupal Location Selector allows SQL Injection. This issue affects Location Selector versions: from 0.0.0 to 1.3.0...
CVE-2026-8491
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1...
CVE-2025-9551
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Protected Pages allows Brute Force.This issue affects Protected Pages: from 0.0.0 before 1.8.0, from 7.X-1.0 before 7.X-2.5...
CVE-2025-8361
Missing Authorization vulnerability in Drupal Config Pages allows Forceful Browsing.This issue affects Config Pages: from 0.0.0 before 2.18.0...
PT-2024-10087 · Drupal · Drupal Entity Form Steps
Name of the Vulnerable Software and Affected Versions: Drupal Entity Form Steps versions 0.0.0 through 1.1.3 Description: The issue is related to improper neutralization of input during web page generation, allowing for Cross-Site Scripting XSS attacks. This can enable a remote attacker to conduc...
PT-2021-16873 · Nestie · Nestie
Name of the Vulnerable Software and Affected Versions: nestie versions 0.0.0 through 1.0.0 Description: The issue allows an attacker to cause a denial of service and may lead to remote code execution. Recommendations: For versions 0.0.0 through 1.0.0, at the moment, there is no information about ...
Joyent Node.js SQL Injection Vulnerability
Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...