Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2021/05/01 3:0 p.m.189 views

Exploit for Deserialization of Untrusted Data in Drupal

This is a PoC exploit for CVE-2019-6340, a remote code execution...

8.1CVSS8.7AI score0.91919EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2019/04/25 12:0 a.m.17 views

Drupal 8.6.x < 8.6.15 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - Several flaws exist in third-party Symfony PHP framework. - A flaw exists in third-party jQuery JavaScript library. Note that the scanner has not tested for these issues but...

9.8CVSS8.6AI score0.0595EPSS
Exploits1References6
OSV
OSV
added 2019/03/26 6:29 p.m.15 views

CVE-2019-6341

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

5.4CVSS5.2AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/02/21 12:0 a.m.18 views

Drupal 8.6.x < 8.6.10 Remote Code Execution Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 8.5.x prior to 8.5.11 or 8.6.x prior to 8.6.10. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of data from non-form sources. Note that the scanner...

8.1CVSS8.8AI score0.91919EPSS
Exploits22References3
Tenable Nessus
Tenable Nessus
added 2019/02/20 12:0 a.m.25 views

Drupal 8.6.x < 8.6.10 RCE (SA-CORE-2019-003)

Binary data 700420.prm...

8.1CVSS8.4AI score0.91919EPSS
Exploits22References2
Tenable Nessus
Tenable Nessus
added 2019/01/31 12:0 a.m.13 views

Drupal 8.6.x < 8.6.6 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in third-party PEAR ArchiveTar library. - A flaw exists in PHP's built-in phar stream wrapper that could lead to a remote code execution when performing file...

9.8CVSS10AI score0.33228EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.18 views

Drupal 8.6.x < 8.6.0-beta2 Symfony Legacy HTTP Headers Vulnerability

According to its self-reported version number, the detected Drupal application is affected by a vulnerability in Symfony library X-Original-URL and X-Rewrite-URL HTTP headers support. Note that the scanner has not tested for these issues but has instead relied only on the application's...

6.5CVSS7.2AI score0.58061EPSS
Exploits0References4
Rows per page
Query Builder