CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2026/03/26 9:31 p.m.•7 views

EUVD-2026-16375

Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...

5.8AI score0.00187EPSS

Exploits0References2

RedhatCVE•added 2026/03/26 5:3 p.m.•2 views

CVE-2026-3216

Server-Side Request Forgery SSRF vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery.This issue affects Drupal Canvas: from 0.0.0 before 1.1.1...

4.3CVSS5.8AI score0.00287EPSS

Exploits0References1

OSV•added 2025/10/30 12:15 a.m.•4 views

CVE-2025-9954

Missing Authorization vulnerability in Drupal Acquia DAM allows Forceful Browsing.This issue affects Acquia DAM: from 0.0.0 before 1.1.5...

7.5CVSS5.8AI score0.00256EPSS

Exploits0References1

Positive Technologies•added 2025/02/13 12:0 a.m.•3 views

PT-2025-7182 · Milliard · Line-Up-Exactly

Name of the Vulnerable Software and Affected Versions: Related Posts Line-up-Exactly by Milliard versions 0.0.0 through 0.0.22 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actio...

7.1CVSS9.3AI score0.00135EPSS

Exploits0References4

Positive Technologies•added 2024/05/17 12:0 a.m.•5 views

PT-2024-25405 · Wpcustomify · Wpcustomify Customify Site Library

Name of the Vulnerable Software and Affected Versions: WPCustomify Customify Site Library versions 0.0.0 through 0.0.9 Description: The issue is related to an Improper Control of Generation of Code, also known as 'Code Injection', which affects the WPCustomify Customify Site Library. This allows...

9.9CVSS6.6AI score0.01108EPSS

Exploits0References4

Positive Technologies•added 2024/04/24 12:0 a.m.•2 views

PT-2024-10086 · Drupal · Drupal Advanced Pwa Inc Push Notifications

Name of the Vulnerable Software and Affected Versions: Drupal Advanced PWA inc Push Notifications versions 0.0.0 through 1.5.0 Description: The issue is related to an incorrect authorization vulnerability in the Drupal Advanced PWA inc Push Notifications module, which allows for forceful browsing...

9.1CVSS7.2AI score0.00357EPSS

Exploits0References6

Positive Technologies•added 2024/03/27 12:0 a.m.•1 views

PT-2024-10136 · Tacjs · Tacjs

Name of the Vulnerable Software and Affected Versions: TacJS versions 0.0.0 through 6.4.9 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-Site Scripting XSS attacks. This can enable a remote attacker to perform inter-site...

5.5CVSS4.8AI score0.00215EPSS

Exploits0References5

Positive Technologies•added 2024/02/21 12:0 a.m.•5 views

PT-2024-10354 · Drupal · Node Access Rebuild Progressive

Name of the Vulnerable Software and Affected Versions: Node Access Rebuild Progressive versions 0.0.0 through 2.0.1 Node Access Rebuild Progressive version prior to 2.0.2 can be simplified to the above range, so it is omitted to avoid duplication. Description: The issue is related to improper...

5.3CVSS7.1AI score0.00258EPSS

Exploits0References5

Positive Technologies•added 2023/08/30 12:0 a.m.•4 views

PT-2023-24637 · Unknown · Rakib Hasan Dynamic Qr Code Generator

Name of the Vulnerable Software and Affected Versions: Rakib Hasan Dynamic QR Code Generator plugin versions 0.0.0 through 0.0.5 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into the...

7.1CVSS6.4AI score0.00454EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by