Lucene search
K

9 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-43073

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...

6.1AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 5 days ago9 views

CVE-2026-58591

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...

5.4CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-15081

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Drupal Location Selector allows SQL Injection. This issue affects Location Selector versions: from 0.0.0 to 1.3.0...

7.4CVSS0.00257EPSS
Exploits0References1
NVD
NVD
added 2026/05/19 11:16 p.m.22 views

CVE-2026-8491

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1...

3.7CVSS0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/10/10 10:24 p.m.3 views

CVE-2025-9551

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Protected Pages allows Brute Force.This issue affects Protected Pages: from 0.0.0 before 1.8.0, from 7.X-1.0 before 7.X-2.5...

6.5CVSS5.8AI score0.00351EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/08/15 5:15 p.m.8 views

CVE-2025-8361

Missing Authorization vulnerability in Drupal Config Pages allows Forceful Browsing.This issue affects Config Pages: from 0.0.0 before 2.18.0...

7.6CVSS0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.3 views

PT-2024-10087 · Drupal · Drupal Entity Form Steps

Name of the Vulnerable Software and Affected Versions: Drupal Entity Form Steps versions 0.0.0 through 1.1.3 Description: The issue is related to improper neutralization of input during web page generation, allowing for Cross-Site Scripting XSS attacks. This can enable a remote attacker to conduc...

5.5CVSS5.7AI score0.00232EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/06/03 12:0 a.m.8 views

PT-2021-16873 · Nestie · Nestie

Name of the Vulnerable Software and Affected Versions: nestie versions 0.0.0 through 1.0.0 Description: The issue allows an attacker to cause a denial of service and may lead to remote code execution. Recommendations: For versions 0.0.0 through 1.0.0, at the moment, there is no information about ...

9.8CVSS9.6AI score0.02961EPSS
Exploits1References5
CNVD
CNVD
added 2018/07/04 12:0 a.m.5 views

Joyent Node.js SQL Injection Vulnerability

Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

8.8CVSS9AI score0.01202EPSS
Exploits1References1
Rows per page
Query Builder