Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / drupal

drupal

509 tracked vulnerabilities.

Semantically-Interconnected Online Communities < 5.x_1.0 - Information Disclosure

EveryBlog 5.x and 6.x - Access Restriction Bypass

EveryBlog <6.x - Privilege Escalation

EveryBlog 5.x and 6.x - Cross-Site Scripting

EveryBlog 5.x and 6.x - SQL Injection

Drupal 6.x < 6.x-2.2 - SQL Injection

Ajax Checklist module <5.x-1.1 - XSS

Drupal Ajax Checklist <5.x-1.1 - SQL Injection

Drupal 5.x < 5.11 - Node Validation Bypass via Contributed Modules

Drupal 5.x < 5.11 and 6.x < 6.5 - Authenticated Access Bypass via BlogAPI Module

Drupal 5.x < 5.11 and 6.x < 6.5 - Authenticated Login Access Bypass

Drupal < 5.11 - Authenticated Unauthorized File Access

Drupal < 6.5 - Authenticated File Upload Bypass via Validation Logic Error

Drupal Stock Module < 6.x-1.0 - Cross-Site Scripting

Drupal Node Clone - Authenticated SQL Injection via Previously Cast Vote

Shindig-Integrator 5.x - Unspecified Remote Vulnerability

Shindig-Integrator 5.x - Privilege Escalation

Shindig-Integrator 5.x - Authenticated Cross-Site Scripting

Brilliant Gallery < 5.x-4.2 - SQL Injection

Brilliant Gallery < 5.x-4.2 - Authenticated Cross-Site Scripting

Drupal Talk < 5.x-1.3 and 6.x < 6.x-1.5 - Unauthenticated Sensitive Information Exposure via Comment Display

Drupal Talk < 5.x-1.3 and 6.x < 6.x-1.5 - Authenticated Cross-Site Scripting via Node Title

Drupal Link to Us < 5.x-1.0 - Authenticated Cross-Site Scripting via Link Page Header Field

Drupal Mailhandler < 5.x-1.3 - SQL Injection

Drupal Mailsave < 5.x-3.3 and 6.x < 6.x-1.3 - Cross-Site Scripting via Email Attachment Content-Type

Previous Page 15 of 21 Next

Products

drupal 273 core 91 core-recommended 6 project_issue_tracking_module 6 Drupal core 5 print 5 aggregation_module 4 ai 4 everyblog 4 project 4 ubercart_module 4 Drupal Core 3 OpenID Connect / OAuth client 3 content_construction_kit 3 drupal_project_issue_tracking 3 shindig-integrator 3 File Access Fix (deprecated) 2 activity 2 ajax_checklist 2 artificial_intelligence 2 bibliography_module 2 brilliant_gallery 2 chatroom_module 2 civictheme 2 cookies_consent_management 2 custom_search_module 2 data 2 database_administration_module 2 drupal_easylinks_module 2 google_tag 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy