CVE-2025-12848

Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting XSS vulnerability in the file name renderer. An unauthenticated attacker can exploit this vulnerability by uploading a file with a malicious filename containing JavaScript code e.g., "" to a Webform node with a...

EUVD-2014-4920

Malware in sbrugna...

EUVD-2015-3288

Malware in sbrugna...

EUVD-2015-2840

Malware in sbrugna...

EUVD-2014-8176

Malware in sbrugna...

EUVD-2012-1604

Malware in sbrugna...

EUVD-2013-6212

Malware in sbrugna...

EUVD-2012-2303

Malware in sbrugna...

EUVD-2014-9543

Malware in sbrugna...

EUVD-2013-6213

Malware in sbrugna...

EUVD-2015-3287

Malware in sbrugna...

EUVD-2015-7774

Malware in sbrugna...

EUVD-2011-2704

Malware in sbrugna...

EUVD-2012-0853

Malware in sbrugna...

EUVD-2015-6597

Malicious code in bioql PyPI...

EUVD-2022-2662

Malicious code in bioql PyPI...

EUVD-2022-5661

Malicious code in bioql PyPI...

CVE-2015-7227

The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels...

CVE-2024-13291

CVE-2024-13291 concerns Drupal’s Basic HTTP Authentication module. Affected versions are 7.X-1.0 through 7.X-1.3 (and 7.X-1.0 to 7.X-1.3 per PT-2024-10484) with the issue arising from insufficient authorization, enabling forceful browsing (an access-bypass scenario). The vulnerability is fixed in...

Fedora 37 : drupal7 (2022-c4334d5277)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c4334d5277 advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...