Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Positive Technologies
Positive Technologiesadded 2026/01/14 12:0 a.m.3 views

PT-2026-2980

Name of the Vulnerable Software and Affected Versions Drupal AT Internet Piano Analytics versions 0.0.0 through 1.0.0 Drupal AT Internet Piano Analytics versions 2.0.0 through 2.3.0 Description The AT Internet Piano Analytics module for Drupal contains a Cross-Site Scripting XSS issue. The module...

4.8CVSS5.4AI score0.00142EPSS
Exploits0References6
Drupal
Drupaladded 2025/08/06 12:0 a.m.17 views

AI SEO Link Advisor - Less critical - Server-side Request Forgery - SA-CONTRIB-2025-095

This module enables you to provide SEO analysis and recommendations for a given URL. The module doesn't sufficiently sanitize user-supplied URLs, leading to a Server-side request forgery SSRF vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

8.8CVSS7.1AI score0.00235EPSS
Exploits0References2
OSV
OSVadded 2024/02/28 6:19 p.m.3 views

DRUPAL-CONTRIB-2024-012

This module gives each node a 'private' checkbox. If it's set, the node can only be seen by the node author, or users with the 'access private content' permission. The module incorrectly grants access to private nodes under certain specific circumstances. This vulnerability is mitigated by the fa...

5.5CVSS6.7AI score0.00182EPSS
Exploits0References1
OSV
OSVadded 2023/08/30 4:23 p.m.2 views

DRUPAL-CONTRIB-2023-042

This module enables you to hide email addresses from bots and site scrapers by using the rot13 strategy. The module doesn't sufficiently escape the data attribute under the scenario a user has access to manipulate that value. This vulnerability is mitigated by the fact that an attacker must have ...

6.7AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2020/09/08 12:0 a.m.3 views

PT-2020-4017

Name of the Vulnerable Software and Affected Versions Microsoft Exchange server affected versions not specified Description A remote code execution issue exists due to improper validation of cmdlet arguments. An attacker could exploit this to run arbitrary code in the context of the System user...

9CVSS8.9AI score0.47145EPSS
Exploits5References19
Drupal
Drupaladded 2019/11/13 12:0 a.m.4 views

Taxonomy CSV import/export - Moderately critical - Information disclosure - SA-CONTRIB-2019-084

Updated January 9th, 2020 This module enables you to import taxonomy terms from different sources, including a text area, a file upload or a file present in the web server. The module doesn't sufficiently validate user input when providing a local filename to import. This vulnerability is mitigat...

5.6AI score
Exploits0References5
Rows per page
Query Builder