Drupal Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Content Management System152
Project Management Software6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Drupal CMS8
Drupal Shindig-Integrator6
Drupal EveryBlog6
Drupal Ubercart Module4
Drupal E-Publish4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix130
Temporary Fix0
Workaround0
Unavailable14
Not Defined14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High58
Functional0
Proof-of-Concept48
Unproven16
Not Defined36

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local0
Adjacent0
Network158

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High0
Low50
None108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required90
None68

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤430
≤556
≤616
≤726
≤826
≤90
≤104

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤32
≤440
≤556
≤626
≤730
≤80
≤92
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤430
≤556
≤614
≤728
≤826
≤90
≤104

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤72
≤82
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤12
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k4
<2k94
<5k60
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k158
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Products (114): Acidfree (1), Administrator (1), Aggregation module (3), Ajax Checklist (2), Archive Module (1), Atom Module (1), BUEditor (1), Bibliography Module (2), BlueMasters (1), Brilliant Gallery (2), CCK comment reference (1), CMS (6), Chatroom Module (2), Comment Mail (1), Comment Upload Module (1), Commons (1), Content Construction Kit (3), Context Form Alteration module (1), Counter module (1), Custom Search module (2), Cvs Management And Tracker (1), Database Administration Module (2), Devel module (1), Doubleclick for Publishers (1), Drupal Pathauto Module (1), Drupal Project Issue Tracking (2), Drupal Pubcookie Module (1), E-Commerce Module (1), E-Publish (2), Easylinks Module (2), Entity API module (1), EveryBlog (4), Extended Tracker (1), FAQ (1), Feature Module (1), Feedapi Mapper (1), Fileshare module (1), Form Mail Module (1), Forward module (1), Header Image (1), Help Tip module (2), Imce Module (2), Internationalization (2), Job Search (1), Link module (1), Link to Us (1), Localization client (2), Localizer (1), LoginToboggan module (2), MAYO (1), Maestro (1), Magic Tabs module (1), Mailhandler (1), Mailsave (1), Mediafield Module (1), Meta Tags Module (1), Modal Frame (1), MySite (1), NewsFlash (1), News Page (1), Nivo Slider (1), Node Clone (1), Node Hierarchy module (1), Nodeaccess Userreference (1), Nodefamily (1), Nodequeue (1), OpenID (1), Organic Groups Menu (1), Organic Groups Module (2), Outline Designer module (1), Paypal Node Module (1), Petition Node module (1), Plus1 (1), Print (5), Print module (1), Professional theme (1), Project (1), Project Issue File Review (1), Project Issue Tracking Module (3), Project Issue Tracking module (2), Project issue tracking module (1), Protected Node module (1), Quiz (1), Randomizer (1), Search Keyword Module (1), Secure Site Module (2), Semantically Interconnected Online Communities (1), Services Module For Drupal (1), Shindig-Integrator (3), Shoutbox (1), SimpleCorp (1), Site Profile Directory Module (1), Skeleton theme (1), Stock Module (1), Suggested Terms module (1), Talk (2), Tasklist (1), Taxonomy Autotagger module (2), Taxonomy Image module (1), Taxonomy Theme module (1), Taxonomy manager (1), Tinytax Taxonomy Block Module (1), TrailScout module (2), Tribune (1), Ubercart Module (3), User Karma module (2), Userpoints Module (1), Userreview module (1), Views (2), Views Bulk Operations (1), Webform Module (1), Workflow (1), Zen (1), linkchecker (1)

Link to Vendor Website: https://www.drupal.org/

PublishedBaseTempVulnerabilityProdExpRemEPSSCTICVE
04/10/20185.45.1Drupal Entity API module Access Restriction access controlContent Management SystemNot DefinedOfficial Fix0.002240.00CVE-2014-1400
08/16/20178.07.7Drupal CMS access controlContent Management SystemNot DefinedOfficial Fix0.010900.00CVE-2017-6925
08/16/20174.64.5Drupal CMS REST API privileges managementContent Management SystemNot DefinedOfficial Fix0.009530.03CVE-2017-6924
08/16/20174.34.2Drupal CMS Ajax Endpoint authorizationContent Management SystemNot DefinedOfficial Fix0.001550.00CVE-2017-6923
04/21/20154.34.1Drupal Administrator cross-site request forgeryContent Management SystemNot DefinedOfficial Fix0.001600.00CVE-2015-3351
11/12/20144.34.1Drupal Organic Groups Menu Administration Page access controlContent Management SystemNot DefinedOfficial Fix0.001200.00CVE-2014-8734
10/16/20144.34.0Drupal Modal Frame cross site scriptingContent Management SystemHighOfficial Fix0.002200.00CVE-2014-8296
10/14/20144.34.1Drupal Project Issue File Review cross site scriptingFeedback SoftwareNot DefinedOfficial Fix0.001400.00CVE-2014-8765
10/13/20143.53.4Drupal Doubleclick for Publishers cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000820.00CVE-2014-8748
10/13/20144.34.1Drupal Commons Commons Module cross site scriptingContent Management SystemNot DefinedOfficial Fix0.002650.00CVE-2014-8747
10/13/20143.53.4Drupal Skeleton theme cross site scriptingContent Management SystemHighOfficial Fix0.001020.00CVE-2014-8746
10/13/20143.53.4Drupal Custom Search module Search Module cross site scriptingContent Management SystemHighOfficial Fix0.001110.00CVE-2014-8745
10/13/20143.53.4Drupal Nivo Slider cross site scriptingContent Management SystemHighOfficial Fix0.001110.00CVE-2014-8744
10/13/20143.53.4Drupal Maestro cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001110.00CVE-2014-8743
10/09/20143.53.4Drupal MAYO MAYO Theme cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001160.00CVE-2014-8079
10/09/20143.53.4Drupal Print cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001160.00CVE-2014-8078
10/09/20143.53.4Drupal NewsFlash cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001160.00CVE-2014-8077
10/09/20143.53.4Drupal Professional theme cross site scriptingContent Management SystemHighOfficial Fix0.001020.00CVE-2014-8076
10/09/20143.53.5Drupal Tribune cross site scriptingContent Management SystemNot DefinedNot Defined0.001200.00CVE-2014-8075
10/08/20143.53.4Drupal Zen template.php cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000890.00CVE-2014-7980
10/08/20143.53.4Drupal SimpleCorp cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001110.00CVE-2014-7979
10/08/20143.53.4Drupal BlueMasters cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001110.00CVE-2014-7978
10/06/20143.53.4Drupal Custom Search module Search Module cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000820.00CVE-2014-7870
10/06/20143.53.4Drupal Context Form Alteration module cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000820.00CVE-2014-7869
09/25/20124.34.1Drupal FAQ cross site scriptingContent Management SystemNot DefinedOfficial Fix0.003410.00CVE-2012-1646

133 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 133 results.

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!